Add support to multiple LDAP Servers

wiltonsr · Oct 11, 2024 · 702b5c8 · 702b5c8
1 parent 64fac47
commit 702b5c8
Show file tree

Hide file tree

Showing 4 changed files with 166 additions and 81 deletions.
diff --git a/examples/conf-from-labels.yml b/examples/conf-from-labels.yml
@@ -34,10 +34,16 @@ services:
       - traefik.http.routers.whoami.middlewares=ldap_auth
       # ldapAuth Options=================================================================================
       - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.logLevel=DEBUG
-      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.url=ldap://ldap.forumsys.com
-      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.port=389
-      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.baseDN=dc=example,dc=com
-      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.attribute=uid
+      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.serverList[0].url=ldap://ldap.forumsys.com
+      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.serverList[0].port=389
+      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.serverList[0].weight=20
+      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.serverList[0].baseDN=dc=example,dc=com
+      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.serverList[0].attribute=uid
+      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.serverList[1].url=ldap://ldap2.forumsys.com
+      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.serverList[1].port=636
+      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.serverList[1].weight=10
+      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.serverList[1].baseDN=dc=example,dc=com
+      - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.serverList[1].attribute=uid
       # AllowedGroups and AllowedUsers are not supported with labels, because multiple value labels are separated with commas
       # SearchFilter must not escape curly braces when using labels
       # - traefik.http.middlewares.ldap_auth.plugin.ldapAuth.searchFilter=({{.Attribute}}={{.Username}})

diff --git a/examples/dynamic-conf/ldapAuth-conf.toml b/examples/dynamic-conf/ldapAuth-conf.toml
@@ -1,11 +1,15 @@
 [http.middlewares]
 [http.middlewares.my-ldapAuth.plugin.ldapAuth]
-Attribute = "uid"
-BaseDN = "dc=example,dc=com"
 Enabled = "true"
 LogLevel = "DEBUG"
-Port = "389"
+[[http.middlewares.my-ldapAuth.plugin.ldapAuth.ServerList]]
+Port = "636"
+Url = "ldaps://ldap2.forumsys.com"
+[[http.middlewares.my-ldapAuth.plugin.ldapAuth.ServerList]]
 Url = "ldap://ldap.forumsys.com"
+Port = "389"
+Attribute = "uid"
+BaseDN = "dc=example,dc=com"
 AllowedGroups = ["ou=mathematicians,dc=example,dc=com","ou=italians,ou=scientists,dc=example,dc=com"]
 AllowedUsers = ["euler", "uid=euclid,dc=example,dc=com"]
 # SearchFilter must escape curly braces when using toml file

diff --git a/examples/dynamic-conf/ldapAuth-conf.yml b/examples/dynamic-conf/ldapAuth-conf.yml
@@ -5,16 +5,27 @@ http:
         ldapAuth:
           Enabled: true
           LogLevel: "DEBUG"
-          Url: "ldap://ldap.forumsys.com"
-          Port: 389
-          BaseDN: "dc=example,dc=com"
-          Attribute: "uid"
-          AllowedGroups:
-            - ou=mathematicians,dc=example,dc=com
-            - ou=italians,ou=scientists,dc=example,dc=com
-          AllowedUsers:
-            - euler
-            - uid=euclid,dc=example,dc=com
-          # SearchFilter must escape curly braces when using yml file
-          # https://yaml.org/spec/1.1/#id872840
-          # SearchFilter: (\{\{.Attribute\}\}=\{\{.Username\}\})
+          ServerList:
+            - Url: "ldap://ldap.forumsys.com"
+              Port: 389
+              Weight: 100
+              BaseDN: "dc=example,dc=com"
+              Attribute: "uid"
+              AllowedGroups:
+                - ou=mathematicians,dc=example,dc=com
+                - ou=italians,ou=scientists,dc=example,dc=com
+              AllowedUsers:
+                - euler
+                - uid=euclid,dc=example,dc=com
+              # SearchFilter must escape curly braces when using yml file
+              # https://yaml.org/spec/1.1/#id872840
+              # SearchFilter: (\{\{.Attribute\}\}=\{\{.Username\}\})
+            - Url: "ldap://ldap4.forumsys.com"
+              Port: 636
+              Weight: 9
+            - Url: "ldap://ldap3.forumsys.com"
+              Port: 389
+              Weight: 11
+            - Url: "ldap://ldap2.forumsys.com"
+              Port: 636
+              Weight: 12