LDAP Authentication way past due
Bryan
Public
Seen by 153
First I'd like to thank you guys for the Diaspora and all of the developer contributions. I have nothing but praise for the Diaspora Project, but LDAP authentication is way past due.
I drop by the IRC channel every once and a while and I ask about LDAP authentication and I am greeted with a bit of reticence each time. I was told by a developer that none of the developers have the environment so it's not really a priority.
I was also told that I should implement it myself as if LDAP it is of very little consequence...like LDAP was some special feature that only I had a use case for. I actually did implement LDAP on my private pod which is running till this day but the code can't be updated because it breaks it.
Why isn't LDAP auth on the roadmap for Diaspora? Mind you, I don't know ruby but I got my pod to authenticate via LDAP and grab the users picture from the directory also. I almost got it working again with 0.3.0.3 and I'll eventually succeed, it's a lot of for work something that frankly should already be there. I can't/won't open my pod up for registrations without LDAP authentication
Diaspora would be running in a lot of schools, companies and large user environments. Even Media Goblin has LDAP support via python-ldap; it's just what you expect. Diaspora adoption and code contributions would definitely sky rocket if ldap authentication were there.
At this late date in the project, why is it not implemented yet? Most importantly do you guys not think that LDAP authentication and third part authentication support is critical?
Thanks,
Bryan
Rasmus Fuhse Fri 21 Mar 2014 5:38AM
Fun fact: In fact to add some lines into a AGPL-code will always be an open source changeset because of the strong copyleft of (A)GPL.
Alexander Kallenbach Thu 31 Jul 2014 8:11AM
I totally agree with Bryan. LDAP Authentication way past due!
rekado Fri 1 Aug 2014 6:14AM
FWIW: Libertree implemented LDAP auth upon request. It's neither difficult, nor a maintenance burden (I personally don't use LDAP on my server). For keeping it working there are tests and there are usually no changes done to the authentication code that would break this.
There are very simple to use LDAP servers out there such as 389 Directory Server.
Libertree isn't using devise for auth but you are free to check out our code and take whatever you like.
Jason Robinson Fri 1 Aug 2014 5:14PM
I'd vote for merging LDAP in BUT someone needs to do the code. Endlessly requesting someone to do it will not make it happen :)
Deleted account Sat 2 Aug 2014 6:43PM
Could this be a part of a bigger project ? I mean : let people have different ways to authentificate ? E.g : would a Mozilla Persona authentification mecanism be difficult or exhausting to maintain ?
Jason Robinson Sat 2 Aug 2014 8:36PM
Deleted account Sat 2 Aug 2014 10:00PM
Ah ! Sry ! Didn't know !
Jason Robinson Sat 2 Aug 2014 10:11PM
@augier no need to be sorry :D Just pointing that there is already discussion about it :)
Deleted account Sat 2 Aug 2014 10:34PM
Ok. I don't see any pull request for that feature. Has anybody worked on untill then ?
Maciek Łoziński · Thu 20 Mar 2014 9:16PM
Sorry, @bryan. I didn't know that your solution was already open source.