[rabbitmq-discuss] eldap simple_bind failure

Joey Jiao joey.jiaojg at gmail.com
Tue Jul 1 09:16:01 BST 2014


Here is my config

[
  {rabbit, [
    {log_levels, [{default, info}]},
    {reverse_dns_lookups, true},
    {auth_backends, [rabbit_auth_backend_ldap]},
    {ssl_listeners, [5671]}
%    {ssl_options, [
%      {verify, verify_none},
%      {cacertfile, "/etc/rabbitmq/qc_root_g2_cert.crt"},
%      {certfile, "/etc/rabbitmq/ssl_v1_cert.crt"}
%    ]}
  ]},
  {rabbitmq_auth_backend_ldap, [
    {servers, ["ldap"]},
    {user_dn_pattern, "uid=${username},ou=people,o=xxx"},
 %  {dn_lookup_attribute, "uid"},
 %  {dn_lookup_base, "ou=people,o=xxx"},
 %  {dn_lookup_bind, anon},
    {use_ssl, false},
    {log, network},
    {vhost_access_query, {constant, true}},
    {resource_access_query, {constant, true}},
    {tag_queries, [{administrator, {constant, true}},
                   {management, {constant, true}}]}
  ]}
].


2014-07-01 13:20 GMT+08:00 Joey Jiao <joey.jiaojg at gmail.com>:

> Hi,
> I'm still on using rabbitmq_auth_backends_ldap plugin but login still
> failed.
> After a track, it failed during eldap:simple_bind.
> But it failed at simple_bind with
> eldap:simple_bind(L,"uid=jiangenj,ou=people,o=xxx","password") with error
> {error,confidentialityRequired}.
>
> My django app uses settings below and it worked. How can I convert to
> rabbitmq way?
> import ldap
>
>
>
> *AUTH_LDAP_START_TLS = TrueAUTH_LDAP_GLOBAL_OPTIONS = {
> ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER }*
>
> *AUTH_LDAP_BIND_DN = ''AUTH_LDAP_BIND_PASSWORD = ''*
> *AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True*
> AUTH_LDAP_SERVER_URI = 'ldap://ldap'
> AUTH_LDAP_USER_DN_TEMPLATE = 'uid=%(user)s,ou=people,o=xxx'
>
> --
> -Joey Jiao
>



-- 
-Joey Jiao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20140701/55dbf948/attachment.html>


More information about the rabbitmq-discuss mailing list