Skip to main content

LdapProviderConfig

axess_core

Struct LdapProviderConfig 

Source 
pub struct LdapProviderConfig {
    pub url: String,
    pub bind_dn_template: String,
    pub starttls: bool,
    pub connection_timeout: Duration,
    pub group_search: Option<LdapGroupSearch>,
}
Available on crate feature ldap only.
Expand description

Production LDAP provider wrapping the ldap3 crate.

§TLS requirements

LDAP simple bind transmits passwords in the protocol data unit. Always use TLS to protect credentials on the wire:

  • Preferred: ldaps:// URLs (TLS from the first byte, port 636).
  • Alternative: ldap:// with .with_starttls() (upgrades to TLS after connect, port 389).

Certificate validation uses the system CA trust store (via rustls). For private CAs (common in enterprise AD deployments), install the CA certificate in the OS trust store or use the SSL_CERT_FILE / SSL_CERT_DIR environment variables.

Plain ldap:// without STARTTLS sends credentials in cleartext and must not be used outside localhost development.

Fields§

§url: String

LDAP server URL (e.g. "ldap://ad.example.com:389" or "ldaps://ad.example.com:636").

§bind_dn_template: String

Template for constructing the bind DN from the user identifier. {user} is replaced with the login identifier.

Active Directory: "{user}@corp.example.com" (UPN) or "CORP\\{user}" OpenLDAP: "uid={user},ou=people,dc=example,dc=com"

§starttls: bool

Use STARTTLS on plain LDAP connections. Ignored for ldaps:// URLs.

§connection_timeout: Duration

Connection timeout. Default: 5 seconds.

§group_search: Option<LdapGroupSearch>

Optional group membership search after successful bind.

Implementations§

Source§

impl LdapProviderConfig

Source

pub fn new( url: impl Into<String>, bind_dn_template: impl Into<String>, ) -> LdapProviderConfig

Create a new LDAP provider configuration.

§Arguments
  • url: LDAP server URL (ldap:// or ldaps://)
  • bind_dn_template: template with {user} placeholder
Source

pub fn with_starttls(self) -> LdapProviderConfig

Enable STARTTLS on plain LDAP connections.

Source

pub fn with_timeout(self, timeout: Duration) -> LdapProviderConfig

Set the connection timeout.

Configure group membership search after successful bind.

Trait Implementations§

Source§

impl HealthCheck for LdapProviderConfig

Source§

fn check(&self) -> Pin<Box<dyn Future<Output = HealthStatus> + Send + '_>>

Probe the component and return its current health.
Source§

impl LdapProvider for LdapProviderConfig

Source§

fn verify_bind<'a>( &'a self, identifier: &'a str, bind_dn: &'a str, password: &'a str, ) -> Pin<Box<dyn Future<Output = Result<LdapBindResult, LdapError>> + Send + 'a>>

Attempt a simple bind with the given DN and password. Read more
Source§

fn build_bind_dn(&self, identifier: &str) -> String

Construct the bind DN for a given user identifier. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> ArchivePointee for T

Source§

type ArchivedMetadata = ()

The archived version of the pointer metadata for this type.
Source§

fn pointer_metadata( _: &<T as ArchivePointee>::ArchivedMetadata, ) -> <T as Pointee>::Metadata

Converts some archived metadata to the pointer metadata for itself.
Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> LayoutRaw for T

Source§

fn layout_raw(_: <T as Pointee>::Metadata) -> Result<Layout, LayoutError>

Returns the layout of the type.
Source§

impl<T, N1, N2> Niching<NichedOption<T, N1>> for N2
where T: SharedNiching<N1, N2>, N1: Niching<T>, N2: Niching<T>,

Source§

unsafe fn is_niched(niched: *const NichedOption<T, N1>) -> bool

Returns whether the given value has been niched. Read more
Source§

fn resolve_niched(out: Place<NichedOption<T, N1>>)

Writes data to out indicating that a T is niched.
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> Pointee for T

Source§

type Metadata = ()

The metadata type for pointers and references to this type.
Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more