Backends
GLAuth’s architecture is very simple: a frontend manages your LDAP requests, and a series of pluggable backends serve the results.
The default backends are: config/file, ownCloud and ldap. The latter allows GLAuth to act as a LDAP proxy to one or more existing LDAP servers.
Additional backends, available as plugins, let you wire databases as authentication providers.
Unfortunately, Go plugins are not compatible with Windows OS. Therefore, they are only available on Linux and MacOS.
In order to work around this limitation, an experimental version of GLAuth has been in the works: it leverages a new backend type, embed
Chaining
Backends can be chained to inject features that are not originally available. For instance, you can setup GLAuth to forward authentication requests to an existing OpenLDAP server, but not before using another backend to inject two-factor authentication checks:
1[[backends]] 2 datastore = "ldap" 3 servers = ["ldap:s//localhost:390"] 4 5[[backends]] 6 datastore = "config" 7 8... 910[[users]]11 name = "hackers"12 otpsecret = "................"