I’m trying to set up some LDAP support using the Tyk Identity broker. Our org LDAP host doesn’t allow bind unless we’re using a secure connection, either with StartTLS or SSL/TLS.
I can’t really read Go, but to me it looks like the active_directory
provider is hard coded to use an unencrypted LDAP connection, with no fallback to try StartTLS if bind fails.
Are there any plans to implement StartTLS or SSL/TLS support? Or have I missed some option in the config that enables support for this?