kube-ldap-authn - Kubernetes LDAP authentication service

  •        80

This is a Kubernetes LDAP authentication service. It allows the Kubernetes API server to authenticate users against an LDAP directory. Only authentication is supported, not authorization. It will work fine with RBAC, WebHook authorization, or any other authorization method that deals with users and groups. We have allocated the OIDs above for these schema types, so you can use them in your own schema if you like (although there is no requirement to do so).

https://github.com/torchbox/kube-ldap-authn

Tags
Implementation
License
Platform

   




Related Projects

nginx-ldap-auth - Example of LDAP authentication using ngx_http_auth_request_module

  •    Python

Note: For ease of reading, this document refers to NGINX Plus, but it also applies to open source NGINX. The prerequisite ngx_http_auth_request_module module is included both in NGINX Plus packages and prebuilt open source NGINX binaries. The nginx-ldap-auth software is a reference implementation of a method for authenticating users who request protected resources from servers proxied by NGINX Plus. It includes a daemon (ldap-auth) that communicates with an authentication server, and a sample daemon that stands in for an actual back-end server during testing, by generating an authentication cookie based on the user’s credentials. The daemons are written in Python for use with a Lightweight Directory Access Protocol (LDAP) authentication server (OpenLDAP or Microsoft Windows Active Directory 2003 and 2012).

devise_ldap_authenticatable - Devise Module for LDAP

  •    Ruby

Devise LDAP Authenticatable is a LDAP based authentication strategy for the Devise authentication framework. If you are building applications for use within your organization which require authentication and you want to use LDAP, this plugin is for you.

Adldap2-Laravel - LDAP Authentication & Management for Laravel

  •    PHP

Easy configuration, access, management and authentication to LDAP servers utilizing the root Adldap2 repository. Note: If you are using laravel 5.5 or higher you can skip the service provider and facade registration and continue with publishing the configuration file.

nginx-auth-ldap - LDAP authentication module for nginx

  •    C

LDAP module for nginx which supports authentication against multiple LDAP servers.

389 Directory Server - Powerful OpenSource LDAP

  •    C

The enterprise-class Open Source LDAP server for Linux. It is hardened by real-world use, is full-featured, supports multi-master replication, and already handles many of the largest LDAP deployments in the world. OpenLDAP and Fedora Directory Server were both derived from the original University of Michigan slapd project. In 1996 the original developers of slapd became Netscape employees and developed Netscape Directory Server, which is now Fedora Directory Server.


Adldap2 - A PHP LDAP Package for humans.

  •    PHP

Working with LDAP doesn't need to be hard. Adldap2 is a PHP package that provides LDAP authentication and directory management tools using the Active Record pattern.

APOP + LDAP auth for Qmail

  •    C

APOP + LDAP authentication patch for QMail (auth_pop) 1. POP amp; APOP authentication 2. Passwords in LDAP are stored encrypted

ADFS 2.0 Attribute Store for LDAP Directory

  •    

This project allows you to query an LDAP Directory that does not support Windows Authentication, which is a requirement to use the Out Of The Box ADFS 2.0 LDAP Attribute Store. You can easily connect to your LDAP server with a simple bind, then look for user attributes with...

Mandriva - Identity and Network Management

  •    C

Mandriva Directory Server is an enterprise directory platform based on LDAP designed to manage identities, access control informations, policies, application settings and user profiles. If you already use Samba, Postfix, Squid or CUPS, you can benefit from MDS today to manage your infrastructure.

ruby-net-ldap - Pure Ruby LDAP library

  •    Ruby

Net::LDAP for Ruby (also called net-ldap) implements client access for the Lightweight Directory Access Protocol (LDAP), an IETF standard protocol for accessing distributed directory services. Net::LDAP is written completely in Ruby with no external dependencies. It supports most LDAP client features and a subset of server features as well. Net::LDAP has been tested against modern popular LDAP servers including OpenLDAP and Active Directory. The current release is mostly compliant with earlier versions of the IETF LDAP RFCs (2251–2256, 2829–2830, 3377, and 3771). Our roadmap for Net::LDAP 1.0 is to gain full client compliance with the most recent LDAP RFCs (4510–4519, plus portions of 4520–4532).

LDAP Account Manager - Easy LDAP Management

  •    

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. LAM was designed to make LDAP management as easy as possible for the user. It abstracts from the technical details of LDAP and allows persons without technical background to manage LDAP entries. If needed, power users may still directly edit LDAP entries via the integrated LDAP browser.

OpenLdap - Implementation of the Lightweight Directory Access Protocol (LDAP)

  •    C

OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol. The OpenLDAP Project was started in 1998 by Kurt Zeilenga. The project started by cloning the LDAP reference source from the University Of Michigan where a long-running project had supported development and evolution of the LDAP protocol.

curl - A command line tool and library for transferring data with URL syntax, supporting HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3, RTSP and RTMP

  •    C

curl is used in command lines or scripts to transfer data. It is also used in cars, television sets, routers, printers, audio equipment, mobile phones, tablets, settop boxes, media players and is the internet transfer backbone for thousands of software applications affecting billions of humans daily.

ApacheDS - Apache Directory Project

  •    Java

ApacheDS is an embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

kubeadm-ha - Kubernetes high availiability deploy based on kubeadm (for v1

  •    Smarty

kube-apiserver: exposes the Kubernetes API. It is the front-end for the Kubernetes control plane. It is designed to scale horizontally – that is, it scales by deploying more instances. etcd: is used as Kubernetes’ backing store. All cluster data is stored here. Always have a backup plan for etcd’s data for your Kubernetes cluster. kube-scheduler: watches newly created pods that have no node assigned, and selects a node for them to run on. kube-controller-manager: runs controllers, which are the background threads that handle routine tasks in the cluster. Logically, each controller is a separate process, but to reduce complexity, they are all compiled into a single binary and run in a single process. kubelet: is the primary node agent. It watches for pods that have been assigned to its node (either by apiserver or via local configuration file) kube-proxy: enables the Kubernetes service abstraction by maintaining network rules on the host and performing connection forwarding. keepalived cluster config a virtual IP address (192.168.20.10), this virtual IP address point to k8s-master01, k8s-master02, k8s-master03. nginx service as the load balancer of k8s-master01, k8s-master02, k8s-master03's apiserver. The other nodes kubernetes services connect the keepalived virtual ip address (192.168.20.10) and nginx exposed port (16443) to communicate with the master cluster's apiservers.

JXplorer - A Java Ldap Browser

  •    Java

JXplorer is a cross platform LDAP browser and editor. It is a standards compliant general purpose LDAP client that can be used to search, read and edit any standard LDAP directory, or any directory service with an LDAP or DSML interface.

edirAuth

  •    

edirAuth is a .NET library for LDAP authentication to NetIQ (formerly Novell©) eDirectory. If you are a NetIQ Identity Management user you are probably using

play-pac4j - Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT

  •    Java

The play-pac4j project is an easy and powerful security library for Play framework v2 web applications which supports authentication and authorization, but also logout and advanced features like CSRF protection. It can work with Deadbolt. It's based on Play 2.6 (and Scala 2.11 or Scala 2.12) and on the pac4j security engine v3. It's available under the Apache 2 license. The LogoutController logs out the user from the application.

LSC engine - LDAP Synchronization Connector

  •    Java

Ldap Synchronization Connector reads from any data source including databases, LDAP directories or files and transforms and compares this data to an LDAP directory. These connectors can then be used to continuously synchronize a data source to a directory, for a one shot import or just to compare differences by outputting CSV or LDIF format reports.

mx-LDAP-Suite

  •    Javascript

mx-LDAP-Suite mx-LDAP-vacation: auto responses mail on vacation and reads the message from LDAP. mx-LDAP-admin:Is a PHP based tool. It provides administration of LDAP-Directories (Add, modify and delete user-accounts,groups,aliases, samba-workstat