Add LDAP test using SASL for user auth binds
authorNick Porter <nick@portercomputing.co.uk>
Thu, 24 Aug 2023 12:57:48 +0000 (13:57 +0100)
committerNick Porter <nick@portercomputing.co.uk>
Thu, 24 Aug 2023 13:05:12 +0000 (14:05 +0100)
src/tests/modules/ldap/auth_sasl.attrs [new file with mode: 0644]
src/tests/modules/ldap/auth_sasl.unlang [new file with mode: 0644]
src/tests/modules/ldap/module.conf

diff --git a/src/tests/modules/ldap/auth_sasl.attrs b/src/tests/modules/ldap/auth_sasl.attrs
new file mode 100644 (file)
index 0000000..d08077d
--- /dev/null
@@ -0,0 +1,12 @@
+#
+#  Input packet
+#
+Packet-Type = Access-Request
+User-Name = "john"
+User-Password = "password"
+NAS-IP-Address = 1.2.3.5
+
+#
+#  Expected answer
+#
+Packet-Type == Access-Accept
diff --git a/src/tests/modules/ldap/auth_sasl.unlang b/src/tests/modules/ldap/auth_sasl.unlang
new file mode 100644 (file)
index 0000000..6a362f0
--- /dev/null
@@ -0,0 +1,13 @@
+#
+#  Run the "ldap" module
+#
+ldapsasl
+
+if (!(&control.LDAP-UserDN == "uid=john,ou=people,dc=example,dc=com")) {
+        test_fail
+}
+
+# Attempt a bind authentication
+ldapsasl.authenticate
+
+test_pass
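Review bot: Only the success path is exercised here: after `ldapsasl.authenticate` the test goes straight to `test_pass`, and the commit adds no companion case that sends a wrong `User-Password`. A test fed only valid credentials cannot tell a SASL bind that really verifies the password from one that would accept any authname. I would add a second pair (for example `auth_sasl_fail.attrs` / `auth_sasl_fail.unlang`, names constructed) with a bad password and `Packet-Type == Access-Reject` as the expected answer. A short comment above `ldapsasl.authenticate`, such as `#  Bind as the user via SASL; mech and authname come from user { sasl { } } in module.conf`, would also point readers at the configuration under test.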
index 238076e5f23a8583f186360c3f570dfa3429af9b..9f74b60d94dcc4334b9d6d364681eabdda315dbb 100644 (file)
@@ -699,3 +699,50 @@ ldap ldaptls {
                retry_delay = 1
        }
 }
+
+#
+#  Fourth LDAP connection using SASL for auth binds
+#
+ldap ldapsasl {
+       server = "$ENV{LDAP_TEST_SERVER}"
+       port = $ENV{LDAP_TEST_SERVER_PORT}
+
+       identity = 'cn=admin,dc=example,dc=com'
+       password = secret
+
+       base_dn = 'dc=example,dc=com'
+
+       sasl {
+       }
+
+       user {
+               base_dn = "ou=people,${..base_dn}"
+               filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
+               sasl {
+                       mech = 'DIGEST-MD5'
+                       authname = &User-Name
+               }
+       }
+
+       options {
+               chase_referrals = yes
+               rebind = yes
+               referral_depth = 2
+               timeout = 10
+               timelimit = 3
+               idle = 60
+               probes = 3
+               interval = 3
+       }
+
+       pool {
+               start = 0
+               min = 1
+               max = 4
+               spare = 3
+               uses = 0
+               lifetime = 0
+               idle_timeout = 60
+               retry_delay = 1
+       }
+}
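Review bot: The `mech = 'DIGEST-MD5'` line in `user { sasl { ... } }` has no comment explaining the choice, and the `ldapsasl` instance sets no TLS options in the lines shown, so the digest exchange presumably runs over an unencrypted connection. DIGEST-MD5 was moved to Historic status by RFC 6331 and generally needs the directory to hold a recoverable form of the user's password. That is acceptable for a test fixture, but test configs get copied, so I would add above the `mech` line `#  DIGEST-MD5 is used only because the test LDAP server offers it; it is obsolete (RFC 6331) - do not reuse outside tests`. The empty top-level `sasl { }` section would also benefit from a one-line comment saying that the admin bind presumably remains a simple bind using `identity` and `password`.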