[web2py:24419] Re: ldap authentication

Thu, 18 Jun 2009 03:47:15 -0700 

On Jun 18, 11:24 am, Johann Spies <johann.sp...@gmail.com> wrote:
> How do I implement that in web2py?

Current version: not possible.

With patched version, like this (also sent by email to you & Massimo):
auth.settings.login_methods=[ldap_auth(server='stbldap01.sun.ac.za',
base_dn='ou=users,O=SU', mode='cn', secure=True]

Patch:
--- gluon\contrib\login_methods\ldap_auth.py.934        Thu Jun 18 11:42:58
2009
+++ gluon\contrib\login_methods\ldap_auth.py    Thu Jun 18 11:45:12 2009
@@ -1,9 +1,8 @@
 import ldap
-#import sys

 def ldap_auth(server='ldap', port=389,
             base_dn='ou=users,dc=domain,dc=com',
-            mode='uid'):
+            mode='uid', secure=False):
     """
     to use ldap login with MS Active Directory:
     auth.settings.login_methods.append(ldap_auth(mode='ad',
server='my.domain.controller', base_dn='ou=Users,dc=domain,dc=com'))
@@ -13,6 +12,8 @@

     to use ldap login with OpenLDAP:
     auth.settings.login_methods.append(ldap_auth
(server='my.ldap.server', base_dn='ou=Users,dc=domain,dc=com'))
+    or (if using CN)
+    auth.settings.login_methods.append(ldap_auth(mode='cn',
server='my.ldap.server', base_dn='ou=Users,dc=domain,dc=com'))
     """
     def ldap_auth_aux(username,
             password,
@@ -21,7 +22,10 @@
             ldap_basedn=base_dn,
             ldap_mode=mode):
         try:
-            con = ldap.initialize("ldap://"; + ldap_server + ":" + str
(ldap_port))
+            if secure:
+                con = ldap.initialize("ldap://"; + ldap_server + ":" +
str(ldap_port))
+            else:
+                con = ldap.initialize("ldaps://" + ldap_server + ":"
+ str(ldap_port))
             if ldap_mode == 'ad':
                 # Microsoft Active Directory
                 con.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
@@ -36,8 +40,12 @@
                 if "@" in username:
                     username = username.split("@")[0]
                 con.simple_bind_s(username, password)
+            if ldap_mode == 'cn':
+                # OpenLDAP (CN)
+                dn = "cn="+username+","+ldap_basedn
+                con.simple_bind_s(dn, password)
             if ldap_mode == 'uid':
-                # OpenLDAP
+                # OpenLDAP (UID)
                 dn = "uid="+username+","+ldap_basedn
                 con.simple_bind_s(dn, password)
             con.unbind()


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to 
web2py+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to