Add ability to disable LDAP certificate validation
This commit is contained in:
parent
85f330c79a
commit
6c14c09880
3 changed files with 9 additions and 0 deletions
|
@ -76,6 +76,8 @@ LDAP_GROUP_ATTRIBUTE="memberOf"
|
|||
# Would you like to remove users from roles on BookStack if they do not match on LDAP
|
||||
# If false, the ldap groups-roles sync will only add users to roles
|
||||
LDAP_REMOVE_FROM_GROUPS=false
|
||||
# Set this option to disable LDAPS Certificate Verification
|
||||
LDAP_TLS_INSECURE=false
|
||||
|
||||
# Mail settings
|
||||
MAIL_DRIVER=smtp
|
||||
|
|
|
@ -169,8 +169,14 @@ class LdapService
|
|||
}
|
||||
$hostName = $ldapServer[0] . ($hasProtocol?':':'') . $ldapServer[1];
|
||||
$defaultPort = $ldapServer[0] === 'ldaps' ? 636 : 389;
|
||||
|
||||
$ldapConnection = $this->ldap->connect($hostName, count($ldapServer) > 2 ? intval($ldapServer[2]) : $defaultPort);
|
||||
|
||||
// Check if TLS_INSECURE is set
|
||||
if($this->config['tls_insecure']) {
|
||||
$this->ldap->setOption($ldapConnection, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_NEVER);
|
||||
}
|
||||
|
||||
if ($ldapConnection === false) {
|
||||
throw new LdapException(trans('errors.ldap_cannot_connect'));
|
||||
}
|
||||
|
|
|
@ -148,6 +148,7 @@ return [
|
|||
'user_to_groups' => env('LDAP_USER_TO_GROUPS',false),
|
||||
'group_attribute' => env('LDAP_GROUP_ATTRIBUTE', 'memberOf'),
|
||||
'remove_from_groups' => env('LDAP_REMOVE_FROM_GROUPS',false),
|
||||
'tls_insecure' => env('LDAP_TLS_INSECURE', false),
|
||||
]
|
||||
|
||||
];
|
||||
|
|
Loading…
Reference in a new issue