No LDAP SSL/StartTLS support in the Identity Broker?


#1

I’m trying to set up some LDAP support using the Tyk Identity broker. Our org LDAP host doesn’t allow bind unless we’re using a secure connection, either with StartTLS or SSL/TLS.

I can’t really read Go, but to me it looks like the active_directory provider is hard coded to use an unencrypted LDAP connection, with no fallback to try StartTLS if bind fails.

Are there any plans to implement StartTLS or SSL/TLS support? Or have I missed some option in the config that enables support for this?


#2

Not sure - the LDAP connector is pretty early days so I doubt it. There was no plan to do this, but it could go on the roadmap…

Of course, a pull request would be even better; TIB is an open source project after all :)


#3

Hi, any plans to implement this feature (LDAPS)?
The error denotes it is still not available.