2015-12-06 3:44 GMT+01:00 Grant Haywood <gr...@iowntheinter.net>: > I found a pretty good starting point > > https://github.com/morganfainberg/HAProxyKeystoneMiddlware > > if i do anything with ldap ill post it... > > ----- Original Message ----- > From: "Grant Haywood" <gr...@iowntheinter.net> > To: "thierry fournier" <thierry.fourn...@arpalert.org> > Cc: "Igor Cicimov" <ig...@encompasscorporation.com>, "HAProxy" > <haproxy@formilux.org>, "Baptiste" <bed...@gmail.com> > Sent: Saturday, December 5, 2015 6:48:52 PM > Subject: Re: lua authentication > > I see. > Still, is there an example of authenticating an Http connection in lua? > > im fairly certan i can do a JWT implementation > > and for LDAP, it may still easyer to proxy a simple (non-ldap) message over a > socket, and write a bridge to ldap daemon in something thats not lua. (use at > your own risk/understanding/vetting) > > kind of like this https://doc.powerdns.com/md/authoritative/backend-pipe/ > (i know thats not for auth, but same concept) > > ----- Original Message ----- > From: "thierry fournier" <thierry.fourn...@arpalert.org> > To: "Baptiste" <bed...@gmail.com> > Cc: "Grant Haywood" <gr...@iowntheinter.net>, "Igor Cicimov" > <ig...@encompasscorporation.com>, "HAProxy" <haproxy@formilux.org> > Sent: Saturday, December 5, 2015 3:36:32 PM > Subject: Re: lua authentication > > Hi, > > I complement, I would say, that the Lua bindings for the standard > Openldap client exists, but unfortunately, the operation is blocking, > and doesn't run very well with HAProxy. > > It seems that a Lua rewrite of the LDAP protocol using standard Lua > HAProxy socket is a solution, but this is a big development. Maybe a > partial implementation (juste the binding) will be usefull. > > Thierry > > > > On Fri, 4 Dec 2015 08:35:41 +0100 > Baptiste <bed...@gmail.com> wrote: > >> current Lua implementation already allows asynchronous network sockets. >> Now, what you need to do is to code a basic LDAP auth request in Lua >> and be able to parse the response. >> >> Baptiste >> >> >> >> On Thu, Dec 3, 2015 at 11:58 PM, Grant Haywood <gr...@iowntheinter.net> >> wrote: >> > Thats exactly what I am wanting to code, I just need an example of how to >> > do auth, like userlist, inside of lua. >> > >> > ----- Original Message ----- >> > From: "Igor Cicimov" <ig...@encompasscorporation.com> >> > To: "Grant Haywood" <gr...@iowntheinter.net> >> > Cc: "HAProxy" <haproxy@formilux.org> >> > Sent: Thursday, December 3, 2015 3:58:28 PM >> > Subject: Re: lua authentication >> > >> > >> > >> > >> > Hi Grant, >> > >> > >> > >> > On Fri, Dec 4, 2015 at 7:46 AM, Grant Haywood < gr...@iowntheinter.net > >> > wrote: >> > >> > >> > Hello, >> > >> > I was wondering if there is a basic example of using lua to do >> > authentication? >> > >> > I am specificaly interested in constructing 'ldap' and 'jwt' versions of >> > the 'userlist' block >> > >> > thx in advance for your time >> > >> > >> > >> > Excellent question. One feature I would love to see in haproxy is support >> > for ldap authentication. It would be awesome If that could be done via lua.
IHMO it should be easier to use SASL. Joris >> > >> > >> > Thanks, >> > >> > Igor >> > >> >
