如何在R Shiny App中使用LDAP进行认证
[英]How to Authenticate with LDAP in R Shiny App
问题描述
My company uses an LDAP server for authentication against an Active Directory.
我的公司使用 LDAP 服务器对 Active Directory 进行身份验证。 I need to authenticate users of a remotely hosted Shiny app using this.我需要使用它对远程托管的 Shiny 应用程序的用户进行身份验证。 I managed to authenticate in Python, but need to port this to R:我设法在 Python 中进行身份验证,但需要将其移植到 R:
import ldap
from getpass import getpass
username = "user_name"
password = getpass(prompt='Password: ', stream=None)
ldap_server = "ldap://company-ldap-server:636"
try:
# Create connection with LDAP server and set options
conn = ldap.initialize(ldap_server)
conn.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
# Authenticate by trying to connect
conn.simple_bind_s(username, password)
# Retrieve this user's name and email (for authorization)
info = conn.search_s("DC=ad,DC=company,DC=com", ldap.SCOPE_SUBTREE, f"cn={username}*")
conn.unbind_s()
except Exception:
print("ERROR: Could not connect")
Here's what I've tried in R:这是我在 R 中尝试过的:
library(RCurl)
ldap_server <- "ldap://company-ldap-server:636"
user <- "user_name"
RCurl::getURL(ldap_server, .opts=list(userpwd = paste0(user, "@ad.company.com:",
.rs.askForPassword("Password: "))
)
)
All I get is:我得到的是:
Error in function (type, msg, asError = TRUE): LDAP local: bind ldap_result Can't contact LDAP server
In curlOptions() there are some items similar to OPT_X_TLS_REQUIRE_CERT and OPT_X_TLS_NEWCTX , but curlSetOpts with any of those names don't seem to work.在curlOptions()中有一些类似于OPT_X_TLS_REQUIRE_CERT和OPT_X_TLS_NEWCTX的项目,但具有这些名称的curlSetOpts似乎不起作用。
This question and answer comes close, but I want to authenticate a user by securely passing their username and password. This question and answer comes close,但我想通过安全地传递他们的用户名和密码来验证用户。
In this answer , they're trying to convert Shiny LDAP to flask (basically the opposite of mine).在这个答案中,他们试图将 Shiny LDAP 转换为 flask(基本上与我的相反)。 But I'm not sure where/how they specify that auth_active_dir configuration...perhaps R Studio Connect or Shiny Open Server Pro.但我不确定他们在哪里/如何指定auth_active_dir配置...可能是 R Studio Connect 或 Shiny Open Server Pro。 Neither of which are options for me.这两个都不是我的选择。
It could be that the server is down at the moment.可能是服务器此时已关闭。 In the meantime, are these equivalent or is there something I'm missing in the R code?同时,这些是等效的还是我在 R 代码中遗漏了什么?
# Python
conn = ldap.initialize(ldap_server)
conn.simple_bind_s(username, password)
# R
getURL(ldap_server, .opts=list(userpwd = "...."))
1 个解决方案
解决方案1
0 2021-11-23 21:35:07
Maybe, you could try my rlang lib - https://github.com/dmslabsbr/ShinyLdap也许,你可以试试我的 rlang lib - https://github.com/dmslabsbr/ShinyLdap
It is still a beta version, but I´m using in some projects.它仍然是一个测试版,但我在一些项目中使用。
解决方案2
0 2022-04-21 21:51:16
The format of your url (ldap_server) is not enough.你的url(ldap_server)的格式不够。 How about you try: Following the post here: How do I run a ldap query using R?你试试看:按照这里的帖子: How do I run a ldap query using R?
ldap_server <- "ldap://company-ldap-server:636/OU=[value],dc=ad,dc=company,dc=com?cn,mail?sub?filter"
- Replace the [value] by removing bracket with your OU (which is company for me).通过用您的 OU(对我来说是公司)删除括号来替换 [value]。
- sub is scope (base/one/sub) as values sub 是 scope (base/one/sub) 作为值
- Replace "cn, mail" with whatever attributes you want to query将“cn,mail”替换为您要查询的任何属性
- filter is search filter making subset of the query: eg(sn=LastName). filter 是创建查询子集的搜索过滤器:eg(sn=LastName)。
Check out https://docs.oracle.com/cd/E19396-01/817-7616/ldurl.html for curl url.查看https://docs.oracle.com/cd/E19396-01/817-7616/ldurl.html curl url。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.