Using LDAP Authentication

cloudscribe Core provides an ILdapHelper interface and a default implementation that is "Not Implemented". We also provide a working implementation; if you inject it, new settings for LDAP will appear under Administration > Security Settings.

LDAP Authentication can be used with Active Directory so long as your web server can communicate over the network with an Active Directory domain controller. We have not tested with other LDAP providers such as OpenLDAP, but we expect it should work. Let us know if you try it.

To enable LDAP Authentication:

Add a NuGet reference for cloudscribe.Core.Ldap

Then, in Config/CloudscribeFeatures.cs in your application, add this line:

services.AddCloudscribeLdapSupport(config);

After doing that, if you log in as an administrator and visit Administration > Security Settings, you will see new options for configuring LDAP.

Note that the default LDAP port is 389, but if using SSL then the default port for Active Directory is 636. Setting up Active Directory and SSL is beyond the scope of this article but you can find information on the web.

After you populate the settings and click Save, a new form will appear at the bottom to allow you to test the LDAP Settings.

If testing fails you will see an alert telling you to check the system log for error details.

Note also that upon successful authentication with LDAP (on the login page, not the test form), a user is created in the cloudscribe database if it does not already exist, and the user will be prompted to provide an email address.

When using SSL for LDAP Authentication, you probably should validate the SSL certificate to be sure there is no spoofing. While we don't currently have a cross-platform solution for doing that, you can implement and inject your own ILdapSslCertificateValidator.
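
One way to write the validation logic for a domain controller whose certificate is issued by a private CA, shown as an added example (it is not cloudscribe code). It assumes .NET 5 or later and a callback that receives the same parameters as .NET's RemoteCertificateValidationCallback; the class name PinnedRootLdapCertificateCheck is hypothetical, and the method you call it from must match whatever signature ILdapSslCertificateValidator actually declares, which this page does not show.

```csharp
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

// Added example, not cloudscribe code. The class name is hypothetical.
public sealed class PinnedRootLdapCertificateCheck
{
    private readonly X509Certificate2 _trustedRoot;

    // trustedRoot: the root CA certificate that issues your domain
    // controllers' LDAPS certificates (loaded by the caller).
    public PinnedRootLdapCertificateCheck(X509Certificate2 trustedRoot)
    {
        _trustedRoot = trustedRoot;
    }

    // Parameters mirror System.Net.Security.RemoteCertificateValidationCallback.
    public bool IsTrusted(X509Certificate certificate, X509Chain chain, SslPolicyErrors errors)
    {
        if (certificate == null) return false;

        // A missing certificate or a host name that does not match the
        // certificate is never acceptable, whatever the chain looks like.
        const SslPolicyErrors fatal =
            SslPolicyErrors.RemoteCertificateNotAvailable |
            SslPolicyErrors.RemoteCertificateNameMismatch;
        if ((errors & fatal) != 0) return false;

        // Rebuild the chain so that only the pinned root is trusted,
        // independent of the operating system's certificate store.
        using (var pinned = new X509Chain())
        using (var leaf = new X509Certificate2(certificate))
        {
            pinned.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
            pinned.ChainPolicy.CustomTrustStore.Add(_trustedRoot);
            // Assumption: the CA's revocation endpoints are not reachable from
            // the web server. Use X509RevocationMode.Online if they are.
            pinned.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;

            // Reuse intermediates the server presented; they are used for
            // path building only and are not trusted as roots.
            if (chain != null)
                foreach (X509ChainElement element in chain.ChainElements)
                    pinned.ChainPolicy.ExtraStore.Add(element.Certificate);

            // False for expired, not-yet-valid, or differently rooted chains.
            return pinned.Build(leaf);
        }
    }
}
```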