The way I have approached this is to enable web2py's manage_groups. With this enables and configured any AD user who logs in will have thier AD groups added to auth_groups. with corresponding permissions. From there you can use the built in auth decorators to control access based on group membership.
The only issue is that groups are created after the user first logs in. Pre populating all domain groups you are interested in may take a separate task or logining in one time with a dummy AD account that is a member of all groups you are interested in. On Sunday, September 15, 2013 2:09:01 PM UTC-4, Luca Guerrieri wrote: > > Hi people, > i'm developing an application with web2py (very awesome project) and I'm > able to bind it with an AD server (also with a Samba as AD) > I'm able to restrict the login chain to the ldap users but I'm not able to > define then to restrict, e.g.. for a page, the access to a particular group > defined into the ldap tree ... > > so, if i've ou=MyOU and inside 2 groups Group1 and Group2and I've 2 pages > PageGroup1 and PageGroup2 in which way I can auth the access > for every group to its respective page ? > > Thank you in advance > > Luca > > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
