So that is different... So I guess Simone miss understand your goal... I think he may had thought you want to tamper with LDAP...
You need the administrator credentials then you can start doing something... And you should have a look to this project : https://pypi.python.org/pypi/ldap3 Python LDAP is not python 3 compatible yet, but there is this fork if you prefer : https://github.com/pyldap/pyldap Though ldap3 look promising... Or you can stick with python-ldap it up to you... Leave ldap_auth.py behind and start from scratch you will loose much less time. Good luck Richard On Tue, Dec 1, 2015 at 10:24 AM, Jonathan R <jre...@ics.com> wrote: > Hey Richard, > Sorry for the very late answer I had personal issues that kept me out of > this project. > Yes I try to create an app to "manage" parts of an ldap server such as > display query results (predefined queries) and later, maybe, modify > informations in this ldap server. > > On Wednesday, November 18, 2015 at 9:23:39 PM UTC-5, Richard wrote: >> >> Hello Jonathan, >> >> What are you trying to do exactly? Are you trying to write an App that >> can manage an LDAP server? Something like PHPldapadmin for instance? >> >> Richard >> >> On Wed, Nov 18, 2015 at 3:45 PM, Niphlod <nip...@gmail.com> wrote: >> >>> if you expose it to him, yes. >>> Unfortunately in your situation the only way to create an ldap >>> connection is to save somewhere what you need to bind to the AD server, >>> which at the very LEAST is username and password. Once again I urge to >>> speak with AD administrators and require a dedicated set of credentials to >>> let your app connect to AD servers. >>> I'm pretty sure that if you explain them what you're trying to do >>> without it (really scary stuff), they'll be happy to comply. >>> >>> On a totally different path, you can subclass or make your own >>> login_method (mostly copy/pasting web2py's one) and append your queries to >>> it. >>> >>> >>> On Wednesday, November 18, 2015 at 9:20:34 PM UTC+1, Jonathan R wrote: >>>> >>>> Hi Niphlod, >>>> I used your method but the downside is that I have a plain text >>>> password stored in my application then, I'm not really aware how secure it >>>> is to do so, is there a way for an attacker to extract this info ? >>>> >>>> On Wednesday, November 18, 2015 at 3:09:08 PM UTC-5, Niphlod wrote: >>>>> >>>>> you can't really serialize a connection. you can serialize the plain >>>>> password and then create a new one, using the credentials the user gave >>>>> you. >>>>> >>>>> On Wednesday, November 18, 2015 at 7:54:56 PM UTC+1, Jonathan R wrote: >>>>>> >>>>>> Hi, >>>>>> I'm still working on an app connecting on a ldap server using the >>>>>> credentials provided at login time by the user (in the webapp) and my >>>>>> objective is to bind once to the ldap server right after login and use >>>>>> this >>>>>> bind to make the different query requested by the user. >>>>>> I bind using a custom function added to the list : >>>>>> >>>>>> auth.settings.login_onaccept >>>>>> >>>>>> I tried to use session to pass it to the app : >>>>>> my code looks like : >>>>>> >>>>>> def ldap_connect : >>>>>> >>>>>> # create a simpleLDAPObject named *con* >>>>>> >>>>>> # initialize this object >>>>>> >>>>>> # use username and password provided to bind >>>>>> >>>>>> # here comes the problem: make the con object available outside >>>>>> this function as long as the user is logged in >>>>>> # I tried different flavor of : (session.con , session.vars.con, >>>>>> session.vars[con]) the issue is not on the syntax >>>>>> >>>>>> session['con'] = con >>>>>> >>>>>> This send an internal error while processing the functions: >>>>>> session.try_store_in ... [cookie_or_file, file] and return a Pikling >>>>>> Error >>>>>> Can't pikle <type 'thread.lock' >: attribute lookup thread.lock failed. >>>>>> >>>>>> I suppose this is why there is a section called "Don't store user >>>>>> defined object in session' in the book, my question is then where should >>>>>> I >>>>>> store it ? >>>>>> >>>>>> >>>>> -- >>> Resources: >>> - http://web2py.com >>> - http://web2py.com/book (Documentation) >>> - http://github.com/web2py/web2py (Source code) >>> - https://code.google.com/p/web2py/issues/list (Report Issues) >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "web2py-users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to web2py+un...@googlegroups.com. >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> -- > Resources: > - http://web2py.com > - http://web2py.com/book (Documentation) > - http://github.com/web2py/web2py (Source code) > - https://code.google.com/p/web2py/issues/list (Report Issues) > --- > You received this message because you are subscribed to the Google Groups > "web2py-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to web2py+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
