Support for some optional features

[Makonike]

• tls, bool, default false

Set to true if LDAP server should use an encrypted TLS connection, either with StartTLS or regular TLS.

• startTLS, bool, default false

If set to true, instructs this filter to issue a StartTLS request(sends the command to start a TLS session and then creates a new TLS Client) when initializing the connection with the LDAP server. If the startTLS setting is enabled, it is important to ensure that the tls setting is also enabled.

• insecureSkipVerify, bool, default false

When TLS is enabled, the connection to the LDAP server is verified to be secure. This option allows the filter to proceed and operate even for server connections otherwise considered insecure.

• rootCA, string, default ""

The rootCA option should contain one or more PEM-encoded certificates to use to establish a connection with the LDAP server if the connection uses TLS but that the certificate was signed by a custom Certificate Authority.

---

If there are any other optional features or requirements you need, welcome to propose relevant suggestions.

[doujiang24]

oh, I think we better use camelCase arg name.

here is a nice example, as @spacewander has suggested before.
https://plugins.traefik.io/plugins/628c9eb7ffc0cd18356a979c/ldap-auth

[spacewander]

• tls, bool, default false

If set to true, instructs this filter to issue a StartTLS request when initializing the connection with the LDAP server.

Do you mean a regular TLS request? The StartTLS request is different from the TLS one.

[Makonike]

Do you mean a regular TLS request? The StartTLS request is different from the TLS one.

Yes, I apologize for the confusion. What I meant is a regular TLS request, which is a request made over a secure TLS connection.

[spacewander]

Do you mean a regular TLS request? The StartTLS request is different from the TLS one.

Yes, I apologize for the confusion. What I meant is a regular TLS request, which is a request made over a secure TLS connection.

I see