[web2py] locally stored auth information / user_groups

Fri, 01 Dec 2017 08:29:54 -0800 

Hi!

I've successfully set up ldap auth (against an Active Directory), allowing 
users to log in with their username/password credential.
But I've two issues related to ldap auth remaining:


   1. Why do I get no user_groups, if user log's in with scope, eg. 
   'testuser' vs. 'testu...@example.com' (mind that testu...@example.com is 
   _NOT_ an email address). In the first case I get a dictionary of 
   Id/Name-Values, in the second case I get an empty dictionary, yet in both 
   cases login is successfull. In the second case all my checks for group 
   memberships fail.
   2. Is there any way of turning this off or preventing web2py to locally 
   store user data (except session)? Web2py stores user data for any user ever 
   logging in into the locally created auth database (auth_user, auth_groups, 
   auth_memberships). The auth information is given by ldap and personal data 
   (related to the individual) should not be stored in local auth database.


Kind regards,
Silvan

web2py currently in use: 2.15.2-stable, this is basically the code in use 
for auth:

auth = Auth(db)
auth.define_tables(username=True)
auth.settings.create_user_groups = False
auth.settings.remember_me_form = False
auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username',
 
'profile']

...

base_context = uschi_conf['PROVISIONER_AD_BASECONTEXT']
org_scope = uschi_conf['PROVISIONER_AD_SCOPE']
filterstr = 'objectClass=person'
group_dn = 'OU=Groups,{}'.format(base_context)
auth.settings.login_methods=[
    ldap_auth(
        server=uschi_conf['PROVISIONER_AD_HOST'],
        port=389,
        base_dn=base_context,
        mode='ad',
        bind_dn=uschi_conf['PROVISIONER_AD_USER'],
        bind_pw=uschi_conf['PROVISIONER_AD_PASS'],
        filterstr=filterstr,
        secure=False,
        cacert_file='...',
        group_member_attrib='member',
        group_name_attrib='cn',
        group_dn=group_dn,
        manage_groups=True,
        db=db,
        logging_level='debug'
    )
]

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to