
LdapServer has been replaced with LdapServers, which accepts a comma-separated list of servers to try. Fixes #3

Daniel Moore 11 ani în urmă
părinte
comite
e3dbbf83e9
3 a modificat fișierele cu 8 adăugiri și 7 ștergeri
  1. 2 2
      README.md
  2. 3 3
      priv/local.d/ldap_auth.ini
  3. 3 2
      src/ldap_auth_gateway.erl

+ 2 - 2
README.md

@@ -106,9 +106,9 @@ list.
 
 Set to `true` to use SSL to bind to the LDAP server. Default: `false`
 
-#### LdapServer
+#### LdapServers
 
-The LDAP server to use for searches and authentication.
+The LDAP servers to use for searches and authentication, separated by commas. These will be tried in-order.
 
 #### BaseDN
 

+ 3 - 3
priv/local.d/ldap_auth.ini

@@ -15,14 +15,14 @@
     ; Enable SSL to the LDAP server.
     UseSsl = false
 
-    ; The LDAP server to use for searches and authentication.
-    LdapServer = ldap.example.com
+    ; The LDAP servers to use for searches and authentication, separated by commas. These will be tried in-order.
+    LdapServers = first.ldap.example.com, second.ldap.example.com, third.ldap.example.com
 
     ; The DN to narrow the scope of searches for users and groups.
     BaseDN = DC=example,DC=com
 
     ; ldap_auth will use this user DN and password to search for users trying to authenticate.
-    ; if you have anonymous LDAP queries enabled (not reccomended) you may simply provide the
+    ; if you have anonymous LDAP queries enabled (not recommended) you may simply provide the
     ; `anon` CN and a blank password.
     SearchUserDN = CN=ldapsearch,CN=Users,DC=example,DC=com
     SearchUserPassword = ldapsearch_password_here
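Review bot: The renamed key gives upgraders no hint that the old `LdapServer` setting is no longer the one read. Going by the commit title it has been replaced outright, so an existing local.d file that still sets only `LdapServer` would presumably stop authenticating after the upgrade. I would extend the comment above the new key with something like `; Replaces the former LdapServer setting, which is no longer read.` and mirror that in the README section. How a missing `LdapServers` value is handled is not visible in this diff, so the actual failure mode should be confirmed.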

+ 3 - 2
src/ldap_auth_gateway.erl

@@ -47,8 +47,9 @@ connect() ->
   connect(SearchUserDN, SearchUserPassword).
 
 connect(DN, Password) ->
-  [LdapServer, UseSsl] = get_config(["LdapServer", "UseSsl"]),
-  case eldap:open([LdapServer], [{ssl, list_to_atom(UseSsl)}]) of
+  [LdapServers, UseSsl] = get_config(["LdapServers", "UseSsl"]),
+  LdapServerList = re:split(LdapServers, "\\s*,\\s*", [{return, list}]),
+  case eldap:open(LdapServerList, [{ssl, list_to_atom(UseSsl)}]) of
     {error, Reason} -> throw({ ldap_connection_error, Reason });
     {ok, LdapConnection} ->
       case eldap:simple_bind(LdapConnection, DN, Password) of
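Review bot: The added `re:split` only strips whitespace that sits next to a comma, so a value with leading or trailing blanks, a trailing comma or an empty setting passes a padded or empty host name to `eldap:open`. `LdapServerList = string:tokens(LdapServers, ", \t"),` drops blanks and empty entries in one step, and an empty result should be rejected before a connection is attempted. On the `eldap:open` line, `list_to_atom(UseSsl)` accepts any string, and as far as I can tell only the exact atom `true` turns SSL on, so a typo such as `True` would send the bind DN and password in cleartext without any error; matching the string explicitly, e.g. `"true" -> true; "false" -> false`, would make a bad value fail loudly. The body of connect/2 continues past the end of this hunk.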