\n\r\nimport ldap;\r\n\r\nsub vcl_error {\r\n if (obj.status == 401) {\r\n set obj.http.WWW-Authenticate = {"Basic realm="Authorization Required""};\r\n synthetic {"Error 401 Unauthorized"};\r\n return(deliver);\r\n }\r\n}\r\n\r\nsub vcl_recv{\r\n\r\nif(req.url ~ "^\/member\/"){\r\n if(!(req.http.Authorization &;amp;&;amp; ldap.simple_auth(\r\n true, \/\/V3\u30d7\u30ed\u30c8\u30b3\u30eb\u3067\u63a5\u7d9a\u3059\u308b\u304b\r\n "cn=Manager,dc=ldap,dc=example,dc=com", \/\/\u30d0\u30a4\u30f3\u30c9\u30a2\u30ab\u30a6\u30f3\u30c8\uff08User\uff09\r\n "password", \/\/\u30d0\u30a4\u30f3\u30c9\u30a2\u30ab\u30a6\u30f3\u30c8(Pass)\r\n "ldap:\/\/192.168.1.1\/ou=people,dc=ldap,dc=example,dc=com?uid?sub?(objectClass=*)", \/\/LDAP\u63a5\u7d9a\u5148\r\n ldap.get_basicuser(), \/\/\u8a8d\u8a3c\u3057\u305f\u3044\u30a2\u30ab\u30a6\u30f3\u30c8(User)\r\n ldap.get_basicpass() \/\/\u8a8d\u8a3c\u3057\u305f\u3044\u30a2\u30ab\u30a6\u30f3\u30c8(Pass)\r\n ))){\r\n error 401;\r\n }\r\n}\r\n\n<\/pre>\n\u30b0\u30eb\u30fc\u30d7\u3068\u30e6\u30fc\u30b6\u3067\u5236\u9650\u3057\u3066\u307f\u308b<\/h3>\n\n\r\nimport ldap;\r\n\r\nsub vcl_deliver{\r\n \/\/LDAP\u3092\u9589\u3058\u308b\r\n ldap.close();\r\n}\r\n\r\nsub vcl_error{\r\n if (obj.status == 401) {\r\n set obj.http.WWW-Authenticate = {"Basic realm="Authorization Required""};\r\n synthetic {"Error 401 Unauthorized"};\r\n return(deliver);\r\n }\r\n}\r\n\r\nsub vcl_recv{\r\n\r\n if(req.url ~ "^\/member\/"){\r\n \/\/LDAP\u306b\u63a5\u7d9a\r\n if(!(req.http.Authorization &;amp;&;amp; ldap.open(\r\n true, \/\/V3\u30d7\u30ed\u30c8\u30b3\u30eb\u3067\u63a5\u7d9a\u3059\u308b\u304b\r\n "cn=Manager,dc=ldap,dc=example,dc=com", \/\/\u30d0\u30a4\u30f3\u30c9\u30a2\u30ab\u30a6\u30f3\u30c8\uff08User\uff09\r\n "password", \/\/\u30d0\u30a4\u30f3\u30c9\u30a2\u30ab\u30a6\u30f3\u30c8(Pass)\r\n "ldap:\/\/192.168.1.1\/ou=people,dc=ldap,dc=example,dc=com?uid?sub?(objectClass=*)", \/\/LDAP\u63a5\u7d9a\u5148\r\n ldap.get_basicuser(), \/\/\u8a8d\u8a3c\u3057\u305f\u3044\u30a2\u30ab\u30a6\u30f3\u30c8(User)\r\n ldap.get_basicpass() \/\/\u8a8d\u8a3c\u3057\u305f\u3044\u30a2\u30ab\u30a6\u30f3\u30c8(Pass)\r\n ))){\r\n error 401;\r\n }\r\n \/\/\u30b0\u30eb\u30fc\u30d7\u306e\u7167\u5408\r\n if(!ldap.compare("cn=test,ou=people,dc=ldap,dc=example,dc=com","memberUid")){ldap.close();error 401;}\r\n \/\/\u30e6\u30fc\u30b6\u306e\u7167\u5408\r\n if(!ldap.require_user("uid=hogehoge,ou=people,dc=ldap,dc=example,dc=com")){ldap.close();error 401;}\r\n \/\/\u30d1\u30b9\u30ef\u30fc\u30c9\u306e\u7167\u5408\r\n if(!ldap.bind()){ldap.close();error 401;}\r\n ldap.close();\r\n }\r\n}\r\n\n<\/pre>\n\u3061\u306a\u307f\u306bget_basicuser\u3068get_basicpass\u3092\u4f7f\u3046\u3068
\nBASIC\u8a8d\u8a3c\u3092\u884c\u3063\u305f\u6642\u306b\u9001\u3089\u308c\u3066\u304f\u308bAuthorization\u30d8\u30c3\u30c0\u304b\u3089\u30e6\u30fc\u30b6ID\u3068\u30d1\u30b9\u3092\u53d6\u5f97\u3059\u308b\u4e8b\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n
\u306a\u304a\u30b7\u30f3\u30d7\u30eb\u306a\u8a8d\u8a3c\u3067\u4f7f\u3046simple_auth\u306f\u5185\u90e8\u3067\u306fopen\u3068bind\u3068close\u3092\u547c\u3073\u51fa\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n
\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u306f\u3053\u3061\u3089(vmod-ldap)<\/a><\/p>\n 
<\/a><\/div> 
<\/a><\/div> 
<\/a><\/div> 
<\/a><\/div> Tweet<\/a><\/div><\/div>\n
\n","protected":false},"excerpt":{"rendered":"\u6025\u306b\u3001LDAP\u306b\u30a2\u30af\u30bb\u30b9\u3057\u3066\u307f\u305f\u304f\u306a\u3063\u305f\u306e\u3067\u3001\u52c9\u5f37\u304c\u3066\u3089\u4f5c\u3063\u3066\u307f\u307e\u3057\u305f\u3002 \u3088\u304f\u4f7f\u308f\u308c\u305d\u3046\u306a\u3001\u30b7\u30f3\u30d7\u30eb\u306aLDAP\u306e\u8a8d\u8a3c\u306f\u3082\u3061\u308d\u3093 \u7279\u5b9a\u306e\u30b0\u30eb\u30fc\u30d7\u306b\u3060\u3051\u8a31\u53ef\u306e\u3088\u3046\u306a\u3053\u3068\u3082\u53ef\u80fd\u3067\u3059\u3002 VCL\u306f\u30ed\u30b8\u30c3\u30af\u304c\u304b\u3051\u308b\u306e\u3067\u3001\u89aa\u548c\u6027\u304c\u9ad8\u3044 […]<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[5,34,45],"class_list":["post-1236","post","type-post","status-publish","format-standard","hentry","category-3","tag-varnish","tag-vmod","tag-vmod_ldap","category-3-id","post-seq-1","post-parity-odd","meta-position-corners","fix"],"_links":{"self":[{"href":"https:\/\/blog.xcir.net\/index.php?rest_route=\/wp\/v2\/posts\/1236","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.xcir.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.xcir.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.xcir.net\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.xcir.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1236"}],"version-history":[{"count":14,"href":"https:\/\/blog.xcir.net\/index.php?rest_route=\/wp\/v2\/posts\/1236\/revisions"}],"predecessor-version":[{"id":1280,"href":"https:\/\/blog.xcir.net\/index.php?rest_route=\/wp\/v2\/posts\/1236\/revisions\/1280"}],"wp:attachment":[{"href":"https:\/\/blog.xcir.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1236"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.xcir.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1236"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.xcir.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1236"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}