Allow disabling anonymous/unauth binds
davidfrickert opened this issue · 3 comments
Is your feature request related to a problem? Please describe.
I would like to easily disable anonymous and unauth binds.
This is supported by the bitnami image with an env var: https://github.com/bitnami/containers/blob/8d0a4f5794335e0a3f277445945c951a287abc9a/bitnami/openldap/README.md?plain=1#L191
LDAP_ALLOW_ANON_BINDING
: Allow anonymous bindings to the LDAP server. Default: yes.
Describe the solution you'd like
Add new values.yaml group e.g. security
and underneath ldap_allow_anon_binding
and then use it to set the env var in the stateful set.
security:
ldap_allow_anon_binding: 'no' / 'yes'
Describe alternatives you've considered
n/a
Additional context
Should the default be 'yes' to match bitnami default? Or should it be 'no' to increase a bit the security of the default installation? (would be a breaking change)
can also add it to env
Hi @davidfrickert ,
out of the box I can recommend you to use env
directly . It’s should be up to the users to decide whether it should be yes or no .
I’ll take the action to add it by default in the values so everyone can benefit from it