guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joseph Bernard <...@clemson.edu>
Subject Re: way to stop LDAP search after authentication?
Date Mon, 28 Nov 2016 17:12:03 GMT
I decided to be a horrible person and commented out the search in incubator-guacamole-client/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/user/UserService.java
and recompiled.

            // Find all Guacamole users underneath base DN
            LDAPSearchResults results = new LDAPSearchResults();
/*
ldapConnection.search(
                confService.getUserBaseDN(),
                LDAPConnection.SCOPE_SUB,
               	"(&(objectClass=*)(" + escapingService.escapeLDAPSearchFilter(usernameAttribute)
+ "=*))",
               	null,
               	false,
               	constraints
            );
*/

Sorry if I make someone cry, but it may be useful to another horrible person.  Of course,
I don’t know what doing this actually breaks.  Please yell at me if you have that answer.


Thanks,
Joseph B.


On 11/24/16, 2:35 PM, "Joseph Bernard" <jhb@clemson.edu> wrote:

    I’m using 0.9.10 with MySQL/LDAP authentication.  I noticed a 10 second delay when logging
in.  With a packet capture I found that a search was being done after a successful LDAP authentication.
 My settings are as follows:
    
    ldap-hostname: ldap.abc.com
    ldap-user-base-dn: ou=users,ou=people,o=abc
    ldap-username-attribute: cn
    
    The search being done if for the first 1000 records of ou=users,ou=people,o=abc with a
filter of (&(objectClass=*)(cn=*))
    
    While I am interested in what it’s doing, I’m more interested in stopping this search
to prevent a 10 second delay every time someone logs in.  Is there a config option I’m missing
or have done incorrectly?
    
    
    Thanks,
    Joseph B.
    
    

Mime
View raw message