Friday, May 20, 2016

Tyk with Apache Directory Studio

So I was getting all sorts of weird errors due to a mismatch in the DN. Then we decided to switch to Apache Directory Studio from OpenLDAP, as it is more user-friendly. Finally, I got Tyk configured with LDAP, thanks to Apache Directory Studio.


First, I had to configure the profiles.json of Tyk.
[{
    "ActionType": "GenerateOrLoginUserProfile",
    "ID": "4",
    "OrgID": "573cb5c7a57xxxdeb1f78000001",
    "ProviderConfig": {
        "FailureRedirect": "http://dashboard.tyk-local.com:3000/?fail=true",
        "LDAPAttributes": [],
        "LDAPPort": "10389",
        "LDAPServer": "localhost",
        "LDAPUserDN": "cn=*USERNAME*,ou=people,dc=sharmalab,dc=bmi,dc=emory,dc=edu"
    },
    "ProviderName": "ADProvider",
    "ReturnURL": "http://dashboard.tyk-local.com:3000/tap",
    "Type": "passthrough"
}
]

And also tib.conf, reflecting the ports and all.
{
    "Secret": "934893845123491xxx238192381486djfhr87234827348",
    "HttpServerOptions": {
        "UseSSL": false,     
        "CertFile": "./certs/server.pem",
        "KeyFile": "./certs/server.key"
    },
    "BackEnd": {
        "Name": "in_memory",
        "ProfileBackendSettings": {},
        "IdentityBackendSettings": {
            "Hosts" : {
                "localhost": "6379"
            },
            "Password": "",
            "Database": 0,
            "EnableCluster": false,
            "MaxIdle": 1000,
            "MaxActive": 2000
        }
    },
    "TykAPISettings": {
        "GatewayConfig": {
            "Endpoint": "http://dashboard.tyk-local.com",
            "Port": "8080",
            "AdminSecret": "54321"
        },
        "DashboardConfig": {
            "Endpoint": "http://dashboard.tyk-local.com",
            "Port": "3000",
            "AdminSecret": "12345"
        }
    }
}

Finally, I was able to send a POST request to http://localhost:3010/auth/4/ldap?username=pradeeban&password=34%$%$4w33

INFO[0008] [AD AUTH] User bind successful: pradeeban   
INFO[0008] [TYK ID HANDLER] Creating identity for: {map[] ADProvider pradeeban@ADProvider    pradeeban    }
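The DN mismatch mentioned at the top of this post comes down to whether the expanded LDAPUserDN equals the DN of the entry in the directory. The following is an added example, not code from the original post or from Tyk: it expands the template with RFC 4514 escaping and compares the result with an entry DN. It assumes the broker substitutes the submitted username for *USERNAME*; the function names and the sample entry DNs are constructed for illustration.

```python
PLACEHOLDER = "*USERNAME*"   # placeholder used in LDAPUserDN in profiles.json above
SPECIAL = '"+,;<>\\='        # characters RFC 4514 requires (or allows) to be escaped

def escape_rdn_value(value):
    """Escape a string for use as an attribute value inside a DN (RFC 4514)."""
    out, last = [], len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in SPECIAL or (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)

def build_bind_dn(template, username):
    """Expand the LDAPUserDN template into the DN used for the bind."""
    if template.count(PLACEHOLDER) != 1:
        raise ValueError("template must contain exactly one " + PLACEHOLDER)
    if not username:
        raise ValueError("empty username")
    return template.replace(PLACEHOLDER, escape_rdn_value(username))

def split_rdns(dn):
    """Split a DN on unescaped commas."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        step = 2 if dn[i] == "\\" and i + 1 < len(dn) else 1
        if step == 1 and dn[i] == ",":
            parts.append(cur)
            cur = ""
        else:
            cur += dn[i:i + step]
        i += step
    return parts + [cur]

def same_dn(a, b):
    """Compare two DNs ignoring case and the spaces after ',' and around '='."""
    def norm(dn):
        pairs = (rdn.partition("=") for rdn in split_rdns(dn))
        return [(attr.strip().lower(), val.lstrip().lower()) for attr, _, val in pairs]
    return norm(a) == norm(b)

TEMPLATE = "cn=*USERNAME*,ou=people,dc=sharmalab,dc=bmi,dc=emory,dc=edu"  # from the page
# Constructed sample entry DNs, as they might be copied from Apache Directory Studio.
ENTRY_OK = "CN=pradeeban, OU=people, DC=sharmalab, DC=bmi, DC=emory, DC=edu"
ENTRY_UID = "uid=pradeeban,ou=people,dc=sharmalab,dc=bmi,dc=emory,dc=edu"

if __name__ == "__main__":
    dn = build_bind_dn(TEMPLATE, "pradeeban")
    print(dn, same_dn(dn, ENTRY_OK), same_dn(dn, ENTRY_UID))
```

If same_dn returns False for the entry you expect to bind as, compare the first RDN: an entry named by uid will never match a template that starts with cn.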
