@@ -7,12 +7,12 @@ weight: 4
77
88## LDAP Authentication
99
10- Out of the box Defect Dojo does not support LDAP authentication.
10+ Out of the box DefectDojo does not support LDAP authentication.
1111
12- * However* , since Defect Dojo is built using Django, it isn't too difficult to add support for LDAP.
12+ * However* , since DefectDojo is built using Django, it isn't too difficult to add support for LDAP.
1313So long as you don't mind building your own Docker images...
1414
15- We will need to modify a grand total of 4-5 files, depending on how you want to pass Dojo your LDAP secrets.
15+ We will need to modify a grand total of 4-5 files, depending on how you want to pass DefectDojo your LDAP secrets.
1616
1717 - Dockerfile.django-*
1818 - Dockerfile.nginx-*
@@ -23,7 +23,14 @@ We will need to modify a grand total of 4-5 files, depending on how you want to
2323
2424#### Dockerfile modifications
2525
26- In both Dockerfile.django and Dockerfile.nginx, you want to add the following lines to the apt-get install layers:
26+ In both ` Dockerfile.django-alpine ` and ` Dockerfile.nginx-alpine ` , you need to add the following lines to the ` apk add ` layers:
27+
28+ ``` bash
29+ openldap-dev \
30+ cyrus-sasl-dev \
31+ ```
32+
33+ Also, in ` Dockerfile.django-debian ` , you need to add the following lines to the ` apt-get install ` layers:
2734
2835``` bash
2936libldap2-dev \
@@ -42,8 +49,8 @@ Please check for the latest version of these requirements at the time of impleme
4249Otherwise add the following to requirements.txt:
4350
4451``` python
45- python- ldap== 3.4 .2
46- django- auth- ldap== 4.1 .0
52+ python- ldap== 3.4 .5
53+ django- auth- ldap== 5.2 .0
4754```
4855
4956
@@ -55,21 +62,25 @@ At the top of the file:
5562``` python
5663import ldap
5764from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
65+ import environ
5866```
5967
6068Then further down add LDAP settings to the env dict:
6169``` python
6270# LDAP
63- DD_LDAP_SERVER_URI = (str , ' ldap://ldap.example.com'
64- DD_LDAP_BIND_DN = (str , ' '
65- DD_LDAP_BIND_PASSWORD = (str , ' '
71+ env = environ.FileAwareEnv(
72+ DD_LDAP_SERVER_URI = (str , ' ldap://ldap.example.com'
73+ DD_LDAP_BIND_DN = (str , ' '
74+ DD_LDAP_BIND_PASSWORD = (str , ' '
75+ )
6676```
6777
6878Then under the env dict add:
6979``` python
7080AUTH_LDAP_SERVER_URI = env(' DD_LDAP_SERVER_URI'
7181AUTH_LDAP_BIND_DN = env(' DD_LDAP_BIND_DN'
7282AUTH_LDAP_BIND_PASSWORD = env(' DD_LDAP_BIND_PASSWORD'
83+
7384AUTH_LDAP_USER_SEARCH = LDAPSearch(
7485 " ou=Groups,dc=example,dc=com" SCOPE_SUBTREE , " (uid=%(user)s )"
7586)
@@ -116,7 +127,7 @@ Read the docs for Django Authentication with LDAP here: https://django-auth-ldap
116127
117128#### docker-compose.yml
118129
119- In order to pass the variables to the local_settings.py file via docker, it's a good idea to add these to the docker compose file.
130+ In order to pass the variables to the ` local_settings.py ` file via docker, it's a good idea to add these to the ` docker- compose.yml ` file.
120131
121132You can do this by adding the following variables to the environment section for the uwsgi image:
122133``` yaml
@@ -125,4 +136,4 @@ DD_LDAP_BIND_DN: "${DD_LDAP_BIND_DN:-}"
125136DD_LDAP_BIND_PASSWORD : " ${DD_LDAP_BIND_PASSWORD:-}"
126137` ` `
127138
128- Alternatively you can set these values in a local_settings.py file.
139+ Alternatively you can set these values in a ` local_settings.py` file.
0 commit comments