LDAP

Jan 1, 0001

Definition

LDAP (Lightweight Directory Access Protocol) is an open, vendor-neutral application protocol used for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. It is commonly used for authentication and authorization services, allowing users to access resources in a network by querying and modifying directory services like Active Directory or OpenLDAP.

Secure Settings Example

# Example LDAP configuration for secure communication
ldap:
  host: ldap.example.com
  port: 636
  useSSL: true
  sslTrustStore: /path/to/truststore.jks
  sslTrustStorePassword: changeit
  bindDN: "cn=admin,dc=example,dc=com"
  bindPassword: "securePassword"
  userSearchBase: "ou=users,dc=example,dc=com"
  groupSearchBase: "ou=groups,dc=example,dc=com"
  userSearchFilter: "(uid={0})"
  groupSearchFilter: "(member={0})"

Insecure Settings Example

# Example LDAP configuration with insecure settings
ldap:
  host: ldap.example.com
  port: 389
  useSSL: false
  bindDN: "cn=admin,dc=example,dc=com"
  bindPassword: "password"
  userSearchBase: "ou=users,dc=example,dc=com"
  groupSearchBase: "ou=groups,dc=example,dc=com"
  userSearchFilter: "(uid={0})"
  groupSearchFilter: "(member={0})"

LDAP

Definition

Secure Settings Example

Insecure Settings Example

Ask AppSec: free security newsletter

Ask AppSec: free security newsletter