ldapauthn - Webhook OpenLdap server for k8s written in go #authn #k8s #kubernetes #webhook

Sat, 13 Jun 2020 15:28:00 +0000

LdapAuthn
Description
LdapAuthn is a simple go web server that integrates with your OpenLDAP instance to handle k8s webook `TokenReview` requests

Specifications
LdapAuthn can run as binary or in a docker container and exposes on the port `8082` the following endpoints (more details on https://github.com/almartino/ldapauthn):

/ (webhook endpoint)
/health (health endpoint)

Details for Webhook endpoint
When a `TokenReview` hits the webhook endpoint by default the following error responses can occurs (details of status codes on https://github.com/almartino/ldapauthn):

400 | BadRequest 
401 | Unauthorized  
403 | Forbidden
405 | MethodNotAllowed
406 | NotAcceptable
500 | InternalServerError
Env
LdapAuthn is docker ready. I choosed to configure the application via env variables.

See https://github.com/almartino/ldapauthn for the complete list of env variables.

Init
Direct```bash
 LDAP_URL='ldap://LDAP_HOST:389' \
 LDAP_ADMIN_DN='cn=admin,dc=example,dc=org' \
 LDAP_ADMIN_PASSWORD='PASSWORD' LDAP_BASE_DN='dc=example,dc=org' \
 LDAP_USER_PREFIX='ou=people,ou=users' \
 LDAP_UID_ATTR='uid' authn
```



Docker
```bash
docker run -e LDAP_URL='ldap://LDAP_HOST:389' \
           -e LDAP_ADMIN_DN='cn=admin,dc=example,dc=org' \
           -e LDAP_ADMIN_PASSWORD='PASSWORD' LDAP_BASE_DN='dc=example,dc=org' \
           -e LDAP_USER_PREFIX='ou=people,ou=users' \
           -e LDAP_UID_ATTR='uid' almartino/ldapauthn:latest
```

Helm

Coming soon ...

3 points posted by hankmartinez

Golang News

ldapauthn - Webhook OpenLdap server for k8s written in go #authn #k8s #kubernetes #webhook

LdapAuthn

Description

Specifications

Details for Webhook endpoint

Env

Init

Direct

Docker

Helm