"Missing Credentials" when trying to login to the ldap server
jefly opened this issue · comments
I want to authenticate an user whether the username & password is correct. I'll paste only the important code here.
const passport = require('passport');
const ldapStrategy = require('passport-ldapauth').Strategy;
var LDAP_OPTS = {
server: {
url: 'ldap://server_ip:389',
bindDN: 'DN info',
bindCredentials: 'ldap admin password',
searchBase: 'base_info',
searchFilter: '(sAMAccountName={{my_user_name}})'
},
usernameField: 'my_user_name',
passwordField: 'my_password'
};
passport.use(new ldapStrategy(LDAP_OPTS));
app.use(passport.initialize());
module.exports.login = function(req, res, next){
passport.authenticate('ldapauth', function(err, user, info){
if(err){
return next(err);
}
if(!user){
res.status(401).json({ success: false, message: 'authentication failed' });
} else {
res.status(200).json({success: true});
}
console.log('after response..')
})(req, res, next)
}
Again I'm telling I just need to authenticate whether my username exist in the ldap server and after that validate my password over it and return a response based on that. Can anyone help me?
@vesse @mikeputnam @simong
Same problem here, trying with SSL.
const ldapOptions = {
server: {
url: config.LDAP_SERVER_URL,
bindDN: config.LDAP_SERVER_BIND_DN,
bindCredentials: config.LDAP_SERVER_BIND_CREDENTIALS,
searchBase: config.LDAP_SERVER_SEARCH_BASE || null,
searchFilter: config.LDAP_SERVER_SEARCH_FILTER || null,
searchAttributes: config.LDAP_SERVER_SEARCH_ATTR,
tlsOptions: {
ca: [fs.readFileSync(config.LDAP_PATH_TO_CERT)]
}
},
usernameField: 'my_user_name',
passwordField: 'my_password'
}
passport.use(new LdapStrategy(ldapOptions))
Part of the code
import passport from 'passport'
import LdapStrategy from 'passport-ldapauth'
passport.authenticate(authStrategy, { session: false }, (err, user, info) => {
if (err || !user) {
logger.error(`${prefix} Cannot authenticate the user "${user}": ${JSON.stringify(info)}`)
return res.status(400).json({
message: info.message,
error: err,
user: user,
info: info
})
}
Returned content
{
"message": "Missing credentials",
"error": null,
"user": false,
"info": {
"message": "Missing credentials"
}
}
Version from package.json
"passport": "^0.4.0",
"passport-ldapauth": "^2.0.0",
Even though I tagged some of the people, they seems to haven't responding.
@gigouni Did you find any alternative way?
I find it unlikely that you both have HTML forms that send username
and password
in fields with names
usernameField: 'my_user_name',
passwordField: 'my_password'
Did you read the documentation? Furthermore, this is not an ISSUE in the library, for basic usage instructions please refer to the documentation or stackoverflow
@vesse I read documentation and I'm not expecting the basic usage here.
Sorry for bugging you but I really need to get this done. Can you please check these images and let me know what's the wrong? I've been trying for 3 days now. Please help
Did you check this link I already provided?
Hint: you are assigning data (form.value.username
) to usernameField
- eg. if you put usernameField: jefly@example.com
, the implementation will search for input field named jefly@example.com
from the request.
Update: Oh, but you are also assigning a credentialsLookup
function but not setting any HTTP Basic Auth headers.
This still does not look like an ISSUE in the library but a very basic user error. I suggest you check the implementation that gives the Missing credentials
reply. It comes because there are no credentials found to be checked agains LDAP.
@vesse: Thank you very much, now it's working! You saved my life. Yes, you're right. I understood the usernameField issue. Actually I didn't need credentialsLookup. I used it because authentication didn't work. Thanks again and sorry for bothering. I think it's better if you provide the html form in your example, so others can understand easily :)
I'm still getting bad Request / missing credentials !! I tried to pass username and password in usernameField and passwordField no luck where exactly i should pass those into? in options or passport.authentication () ??? can anyone help me on this.
@Barathwaja usernameField, passwordField should be the name of your name of txt inputs inside the form.