[pbs-devel] [PATCH proxmox-backup 05/17] auth: add LDAP module
Lukas Wagner
l.wagner at proxmox.com
Mon Jan 9 11:52:46 CET 2023
On 1/4/23 14:23, Wolfgang Bumiller wrote:
>> +#[derive(PartialEq, Eq)]
>> +/// LDAP connection security
>> +pub enum LdapConnectionMode {
> Is there any particular reason to not just reuse the API type?
>
>> + /// unencrypted connection
>> + Ldap,
>> + /// upgrade to TLS via STARTTLS
>> + StartTls,
>> + /// TLS via LDAPS
>> + Ldaps,
>> +}
>> +
>> +/// Configuration for LDAP connections
>> +pub struct LdapConfig {
> Same here, you could just reference the api config?
>
As mentioned in the commit message, the main rationale behind this decision
was decoupling this module from the rest of the system.
I did this with the thought in mind that `src/server/ldap.rs` could be
promoted to be its own crate, in case the we want to reuse the implementation
somewhere else. Our `proxmox-openid` crate seems to do the same thing, configuration-wise:
It provides its own configuration structs, and in the products using it, e.g. PBS, there
are adapters in place that map API-type -> OpenID-Config.
Maybe premature optmization^Wrefactoring, but at the time of writing this code
it seemed a good choice to me.
--
- Lukas
More information about the pbs-devel
mailing list