Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LDAP Authentication? #295

Closed
lue30499 opened this issue Feb 15, 2024 · 5 comments
Closed

LDAP Authentication? #295

lue30499 opened this issue Feb 15, 2024 · 5 comments
Assignees
@hargata
Labels
wontfix This will not be worked on

Comments

@lue30499
Copy link

Similar to #287 .

I have most of my app authenticated with ldap/sso. So I can have one user account across all my apps with out needing to maintain >20 user stores.
@hargata
Copy link
Owner

hargata commented Feb 16, 2024

Just added OIDC support: https://docs.lubelogger.com/OpenID

Let me know if this will work for your use case.

@ShadowPeo
Copy link

I too would like LDAP over OIDC, but OIDC is a secondary if we get no LDAP. The primary reason I would prefer it, is that it is local. I could run something like Keycloak locally but that's just another layer I would then need to manage, LDAP direct does not have this.

@hargata hargata self-assigned this Feb 28, 2024
@GlenNicholls
Copy link

GlenNicholls commented Apr 16, 2024
edited
Loading

I too would like LDAP over OIDC, but OIDC is a secondary if we get no LDAP. The primary reason I would prefer it, is that it is local. I could run something like Keycloak locally but that's just another layer I would then need to manage, LDAP direct does not have this.

I'm using OIDC with Authentik. I don't use Keycloak so can't speak to that, but Authentik can handle forward auth, OIDC, LDAP, etc. so identification is managed by a single tool

@marlowleon
Copy link

I too would like LDAP over OIDC, but OIDC is a secondary if we get no LDAP. The primary reason I would prefer it, is that it is local. I could run something like Keycloak locally but that's just another layer I would then need to manage, LDAP direct does not have this.

I'm using OIDC with Authentik. I don't use Keycloak so can't speak to that, but Authentik can handle forward auth, OIDC, LDAP, etc. so identification is managed by a single tool

im having issues with authentik, it just loops when trying to sign in. Did you do anything specific?

@hargata hargata added the wontfix This will not be worked on label Jan 20, 2025
@hargata
Copy link
Owner

hargata commented Jan 20, 2025

After some consideration, we have decided not to pursue this feature as the scope can easily be covered using a dedicated OIDC Provider such as Authentik, Authelia, Keycloak, etc. We have looked into it, built a mvp, and realized that our implementation of LDAP is probably not going to be as secure/robust as dedicated Auth providers.

@hargata hargata closed this as not planned Won't fix, can't repro, duplicate, stale Jan 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hargata hargata

Labels
wontfix This will not be worked on
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@ShadowPeo @GlenNicholls @lue30499 @marlowleon @hargata