SQL Injection is a well known attack vector, and most SQL libraries provide mitigations such as prepared statements. For example, if User A is a member of Group A, and Group A is a member of Group B, using Conn.ObjectGroups on User A will return both Group A and Group B. Since v3.1.0, AuthenticateExtended and Conn.ObjectGroups will automatically search for nested groups. UserPrincipalName of a test user that will be used to test password changing functions LDAP Base DN - for testing the root DN is recommended, e.g. NONE || TLS || STARTTLS || INSECURETLS || INSECURESTARTTLS - defaults to STARTTLS Hostname or IP Address of an Active Directory server Most tests will be skipped unless you supply the following environment variables to connect to an Active Directory server: Name Authenticate( config, username, password) Username := "user" password := "pass" status, err := auth. One notable difference to be careful of is that while v1's Login will return false if the user is not in the specified group, v3's AuthenticateExtended will return true if the user authenticated successfully, regardless if they were in any of the specified groups or not. There are similarities, but v3 is not backwards-compatible. The v3 API is almost a complete rewrite of the older gopkg.in/korylprince/go-ad-auth.v1 API. However, updates made to v3 are not backported to v2. V3 was created to support Go Modules, so it is backwards compatible with v2. The new API is cleaner, more idiomatic, exposes a lot more functionality, and is fully testable. You should update to the v3 API when possible. If you have any issues or questions create an issue. Go get gopkg.in/korylprince/go-ad-auth.v3 Go-ad-auth is a simple wrapper around the great ldap library to help with Active Directory authentication.
0 kommentar(er)
