By: Rahul Gupta user 22 Jan 2018 at 9:22 p.m. CST

3 Responses
Rahul Gupta gravatar

Hello,

I have a NodeJS application running on a different server from the Gluu server, but in the same enclave. I want to be able to access the Gluu LDAP programatically.

Per this: https://support.gluu.org/identity-management/4991/ldapsearch-cant-access-gluu-server-got-ldap_sasl_interactive_bind_s-cant-contact-ldap-server-1/

“It's not possible to access Gluu Server's LDAP data from outside of it's own VM. You need to create a reverse tunnel from your computer to do that. Here is an example: https://gluu.org/docs/ce/3.1.1/user-management/local-user-management/”

And per this: https://support.gluu.org/identity-management/4253/cant-connect-to-openldap-externally/

“Yes, by default it's not allowed to read Gluu ldap data from outside. You can create a reverse tunnel to your Gluu Server's ldapS address and then use this tunneling to access ldap data with your ldap browser.”

Per this, programmatically accessing a tunnel through SSH should work: https://stackoverflow.com/questions/1244717/accessing-ldap-through-ssh-tunnel

“Yes, ssh has a "-L" option to create a tunnel. That option takes 3 parameters, separated by colons (:). Local listen port, remote host, remote port.

ssh -L 9999:ldapserver:389 user@otherhost Where 9999 is the local port that the tunnel will be created on. The ldapserver:389 bit tells it where to connect to on the other side.

Then, tell your application to connect to localhost:9999 (or whatever port you choose) and it will be tunneled across.”

I’m a little unclear as to how this would work in terms of keeping a constant tunnel open.

Would it make more sense to install NodeJS on the Gluu server and then run a program that uses the NodeJS tunnel library here?: https://www.npmjs.com/package/tunnel

Thanks!

By mohib zico staff 23 Jan 2018 at 5:08 a.m. CST

mohib zico gravatar

I think the easiest way will be to modify your Gluu Server firewall as it can 'accept' connection to 1636 from app server.

By Rahul Gupta user 23 Jan 2018 at 1:55 p.m. CST

Rahul Gupta gravatar

Are there Firewall settings within Gluu configuration? I don't see them in the configuration GUI, and we don't have iptables installed on the CentOS server that houses Gluu.

By mohib zico staff 25 Jan 2018 at 6:50 a.m. CST

mohib zico gravatar

Are there Firewall settings within Gluu configuration? I don't see them in the configuration GUI

Firewall configuration is standard system administration job and fall into 'Platform support'; Gluu supply only software....

and we don't have iptables installed on the CentOS server that houses Gluu.

You can always install iptables/firewalld or ufw and configure firewall according to your need.