我们介绍了最近在 NGINX LDAP 参考实现中发现的安全漏洞,以及如何减轻这些漏洞。NGINX 开源版和 NGINX Plus 均不受漏洞影响,如果您不使用参考实现,则无需采取任何纠正措施。
Using NGINX Plus and NGINX to Authenticate Application Users with LDAP
Learn how to use the request_auth module in NGINX Plus & NGINX to direct to an LDP server authentication requests from users accessing protected resources