So I was getting all sorts of weird errors due to a mismatch in the DN. Then we decided to switch to Apache Directory Studio from OpenLDAP, as it is more user-friendly. Finally, I got Tyk configured with LDAP, thanks to Apache Directory Studio.
First, I had to configure the profiles.json of Tyk.
    [
        {
            "ActionType": "GenerateOrLoginUserProfile",
            "ID": "4",
            "OrgID": "573cb5c7a57xxxdeb1f78000001",
            "ProviderConfig": {
                "FailureRedirect": "http://dashboard.tyk-local.com:3000/?fail=true",
                "LDAPAttributes": [],
                "LDAPPort": "10389",
                "LDAPServer": "localhost",
                "LDAPUserDN": "cn=*USERNAME*,ou=people,dc=sharmalab,dc=bmi,dc=emory,dc=edu"
            },
            "ProviderName": "ADProvider",
            "ReturnURL": "http://dashboard.tyk-local.com:3000/tap",
            "Type": "passthrough"
        }
    ]
And also tib.conf, reflecting the ports and all.
    {
        "Secret": "934893845123491xxx238192381486djfhr87234827348",
        "HttpServerOptions": {
            "UseSSL": false,
            "CertFile": "./certs/server.pem",
            "KeyFile": "./certs/server.key"
        },
        "BackEnd": {
            "Name": "in_memory",
            "ProfileBackendSettings": {},
            "IdentityBackendSettings": {
                "Hosts": {
                    "localhost": "6379"
                },
                "Password": "",
                "Database": 0,
                "EnableCluster": false,
                "MaxIdle": 1000,
                "MaxActive": 2000
            }
        },
        "TykAPISettings": {
            "GatewayConfig": {
                "Endpoint": "http://dashboard.tyk-local.com",
                "Port": "8080",
                "AdminSecret": "54321"
            },
            "DashboardConfig": {
                "Endpoint": "http://dashboard.tyk-local.com",
                "Port": "3000",
                "AdminSecret": "12345"
            }
        }
    }
Finally, I was able to send a POST request to http://localhost:3010/auth/4/ldap?username=pradeeban&password=34%$%$4w33
    INFO[0008] [AD AUTH] User bind successful: pradeeban
    INFO[0008] [TYK ID HANDLER] Creating identity for: {map[] ADProvider pradeeban@ADProvider pradeeban }
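
An added example, not part of the original post and not Tyk's own code: it renders the bind DN that the LDAPUserDN template above produces for a given username, escaping the value per RFC 4514 so that special characters cannot change the DN, and builds the same login POST with the credentials percent-encoded in the form body rather than in the URL. The function names and the sample password are constructed, and it is an assumption that the broker accepts username and password as form fields in the body.

```python
from urllib.parse import urlencode
from urllib.request import Request

# LDAPUserDN template copied from the profiles.json above.
TEMPLATE = "cn=*USERNAME*,ou=people,dc=sharmalab,dc=bmi,dc=emory,dc=edu"
PLACEHOLDER = "*USERNAME*"


def escape_dn_value(value: str) -> str:
    """Escape an attribute value for use inside a DN (RFC 4514)."""
    out = []
    for ch in value:
        if ch in '\\"+,;<>':
            out.append("\\" + ch)      # characters that must always be escaped
        elif ch == "\x00":
            out.append("\\00")         # NUL is written as a hex pair
        else:
            out.append(ch)
    escaped = "".join(out)
    if value.endswith(" ") and len(value) > 1:
        escaped = escaped[:-1] + "\\ "  # trailing space
    if value.startswith(("#", " ")):
        escaped = "\\" + escaped        # leading '#' or space
    return escaped


def render_bind_dn(template: str, username: str) -> str:
    """Return the DN the directory will be asked to bind as."""
    if PLACEHOLDER not in template:
        raise ValueError("template has no *USERNAME* placeholder")
    return template.replace(PLACEHOLDER, escape_dn_value(username))


def build_login_request(tib_base: str, profile_id: str,
                        username: str, password: str) -> Request:
    """Build (not send) the login POST with credentials in the body."""
    body = urlencode({"username": username, "password": password})
    return Request(
        f"{tib_base}/auth/{profile_id}/ldap",
        data=body.encode("ascii"),
        method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"},
    )


if __name__ == "__main__":
    print(render_bind_dn(TEMPLATE, "pradeeban"))
    # "p%$w0rd" is a constructed password containing characters that need encoding.
    req = build_login_request("http://localhost:3010", "4", "pradeeban", "p%$w0rd")
    print(req.get_method(), req.full_url, req.data)
```

Comparing the rendered DN with the entry's DN as shown in the directory browser is a quick way to spot a DN mismatch before testing through the broker.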