Refactor and enhance LDAP plugin configuration and validation
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Updated `LdapPluginOptions` to enforce TLS and client certificate requirements. - Added validation checks for TLS configuration in `LdapPluginOptionsTests`. - Improved error handling in `DirectoryServicesLdapConnectionFactory` for StartTLS negotiation. - Enhanced logging in `LdapCredentialStore` to include detailed audit properties for credential verification. - Introduced `StubStructuredRetriever` and `StubVectorRetriever` for testing in `ToolsetServiceCollectionExtensionsTests`. - Refactored `AdvisoryGuardrailPipelineTests` to improve test clarity and structure. - Added `FileSystemAdvisoryTaskQueueTests` for testing queue functionality. - Updated JSON test data for consistency with new requirements. - Modified `AdvisoryPipelineOrchestratorTests` to reflect changes in metadata keys.
This commit is contained in:
master
@@ -21,6 +21,7 @@ connection:
|
||||
|
||||
security:
|
||||
requireTls: true
|
||||
requireClientCertificate: false # set to true to enforce mutual TLS client authentication
|
||||
allowInsecureWithEnvToggle: false # set STELLAOPS_LDAP_ALLOW_INSECURE=true to permit TLS downgrade
|
||||
allowedCipherSuites:
|
||||
- "TLS_AES_256_GCM_SHA384"
|
||||
|
||||
Reference in New Issue
Block a user