Anope IRC Services

Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: [1]   Go Down

Author Topic: Integrated LDAP authentication  (Read 7190 times)

0 Members and 1 Guest are viewing this topic.

ballock

  • Anope User
  • Offline Offline
  • Posts: 3
Integrated LDAP authentication
« on: October 03, 2012, 10:56:36 AM »

I am using Inspircd 2.0 with LDAP authentication module, so everybody who logged in have a "validated" username field.

I have found that Anope has an LDAP authentication module as well, but it seems that the user needs to manually authenticate to Services once he logs into the IRC server.

Is it possible to re-use the auth provided to the IRC server for Anope? Or grant privileges just by the username (not nick) without the person identifying manually?
Logged

Adam

  • Team
  • *
  • Offline Offline
  • Posts: 463
Re: Integrated LDAP authentication
« Reply #1 on: October 03, 2012, 10:58:43 AM »

No they will still need to identify to services manually.
Logged

ballock

  • Anope User
  • Offline Offline
  • Posts: 3
Re: Integrated LDAP authentication
« Reply #2 on: October 03, 2012, 11:09:17 AM »

Is there any way around this? Like some automation from Inspircd or perhaps is it possible from an additional (inspircd or anope) module?
Logged

Adam

  • Team
  • *
  • Offline Offline
  • Posts: 463
Re: Integrated LDAP authentication
« Reply #3 on: October 03, 2012, 11:11:20 AM »

There are no existing modules that I'm aware of. One could always be written though.
Logged

ballock

  • Anope User
  • Offline Offline
  • Posts: 3
Re: Integrated LDAP authentication
« Reply #4 on: October 04, 2012, 07:19:26 AM »

So it's possible to achieve? I mean, there is no design limitations?

What I was afraid of was that a linked server cannot pass the auth data to the Services (well, that would be reasonable security-wise).

Or would that actually mean that I need to write an Inspircd module that would pass /msg NickServ user password to the Services?
Logged

Adam

  • Team
  • *
  • Offline Offline
  • Posts: 463
Re: Integrated LDAP authentication
« Reply #5 on: October 04, 2012, 07:26:06 AM »

You should have the server send an PRIVMSG from the user to services because that is the only way for newly registered accounts to be detected and created. If you know they already have an account you can simply just have the IRCd introduce them with an account by setting the account to the user before they are introduced over the network.
Logged

katsklaw

  • Supporter
  • Anope User
  • Offline Offline
  • Posts: 537
Re: Integrated LDAP authentication
« Reply #6 on: October 04, 2012, 04:26:17 PM »

This technology does exist. It's called SASL and many clients as well as ircds and other services packages already support it.
Logged
Pages: [1]   Go Up