-
Notifications
You must be signed in to change notification settings - Fork 554
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add LDAP Authentication #249
Conversation
Signed-off-by: Stany MARCEL <[email protected]>
Signed-off-by: Stany MARCEL <[email protected]>
Signed-off-by: Stany MARCEL <[email protected]>
I'm not so sure about the benefit of LDAP auth. It doesn't really strike me as a good fit for a "simple bookmark manager". What's the use case? Regarding the code itself:
|
Hello, Sorry for the late reply I was kind of busy on other subjects. I'll update my PR to address your comments. For the use case LDAP is mandatory for me I don't want my users to have to have yet another password as there is already a central authentication server. Also when I have a new user or one that leave, I only need to change at one place for all apps. Regards, |
I mean the use case for Shiori users in general. |
Yes I understood, but I might not be the only user that want to use a bookmark manager in a professional environment with a ldap server or more generally a AD server. |
You might not be. But I'd be surprised if there are many others, as Shiori really isn't targeted at such environments. It doesn't even have "full" multi-user support (there's only one collection of bookmarks). In face of that, it seems at least premature to integrate 3rd-party authentication, especially heavy-duty enterprise solutions. If I accept the PR, it's a feature I have to support, and I know next to nothing about LDAP, let alone have an LDAP environment to develop Shiori in. That's a big ask, and one I'm strongly inclined to reject in face of the risk/effort vs the apparently limited benefit to Shiori users as a whole. Could this not be replaced by a simpler, backend-agnostic interface to allow the use of external auth providers? Something that would be (a) simpler to maintain in Shiori and (b) more broadly useable for typical, self-hosting, non-enterprise Shiori users? |
First, I really like idea of one centralized bookmark database, it's fits good for enterprise needs.
OpenLDAP server logs this:
I have tried many things like updating dependiecies, skiping cert vertifaction, but none of them worked. |
Ok, i found solution. There is a difference between |
I'll try to re-base and rework this feature soon if some people are interested in it. My use case is to have a same database for a whole team to share our technical watch. |
I am personally of the opinion that we should probably just start a new fork. There are PR’s from last year that still haven’t even been looked at. I had quite a few of my own but I just withdrew out of frustration.
Thomas J Munn
… On Mar 3, 2021, at 11:26, Stany MARCEL ***@***.***> wrote:
I'll try to re-base and rework this feature soon if some people are interested in it. My use case is to have a same database for a whole team to share our technical watch.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
d1ffd75
to
d70a8f2
Compare
Hey @ynsta, thank you for your commitment to this, as I said in #491, we can't support this at the moment with the current state of Shiori. Please read my comment there, if you have any questions or want to move the conversation forward please do! I would like to properly allow multiple auth methods in Shiori but the bases are not there yet. Hope you understand! |
Hello,
Here a new PR for ldap authentication on your latest branch and without the config part.
All settings are given via environment vars.
I also added a docker-compose as an example with all env vars and a postgresql.
Regards,