Fran has helped me to get ldap-authentication working. My next question comes from the fact that now anyone on the ldap-tree can log in and then become a registered user.
I have the following model:

==============================
if request.env.web2py_runtime_gae:            # if running on Google App Engine
    db = DAL('gae')                           # connect to Google BigTable
    session.connect(request, response, db=db) # and store sessions and tickets there
    # session.connect(request, response, db=MEMDB(Client())
else:                                         # else use a normal relational database
    db = DAL('sqlite://storage.sqlite')       # if not, use SQLite or other DB

from gluon.contrib.login_methods.ldap_auth import ldap_auth
from gluon.tools import *

auth=Auth(globals(),db)                       # authentication/authorization
crud=Crud(globals(),db)                       # for CRUD helpers using auth
service=Service(globals())                    # for json, xml, jsonrpc, xmlrpc, amfrpc

auth.settings.login_methods=[ldap_auth(server='stbldap01.sun.ac.za',
                                       port=636,
                                       base_dn='ou=users,O=SU',
                                       mode='cn',
                                       secure=True)]
crud.auth=auth

auth.settings.table_user = db.define_table("auth_user",
    db.Field("first_name",length=128,default=""),
    db.Field("last_name", length=128,default=""),
    db.Field("email", length=128,default=""),
    db.Field("username", length=32,default=""),
    db.Field("password",'password',readable=False, writable=False,label="Password"),
    db.Field("registration_key", length=128, writable=False, readable=False, default=""))

t = auth.settings.table_user
t.first_name.requires = IS_NOT_EMPTY()
t.username.requires = IS_NOT_EMPTY()
t.last_name.requires = IS_NOT_EMPTY()
t.password.requires = CRYPT()                 # password will be stored hashed
t.email.requires = [IS_EMAIL(), IS_NOT_IN_DB(db, db.auth_user.email)]
t.username.requires = [IS_NOT_IN_DB(db, db.auth_user.username)]
auth.define_tables()                          ### auth_user will not be redefined!

crud.settings.auth=auth                       # enforces authorization on crud
mail=Mail()                                   # mailer
mail.settings.server='localhost'              # your SMTP server
mail.settings.sender='johann.sp...@gmail.com' # your email
mail.settings.login=None                      # your credentials or None
auth.settings.mailer=mail                     # for user email verification
auth.settings.registration_requires_verification = True
auth.settings.registration_requires_approval = True
auth.messages.verify_email = \
    'Click on the link https://werkesel.sun.ac.za/linux_span/default/user/verify_email/%(key)s to verify your email'
====================================

At the moment there are at least two problems:

1. Anyone in the ldap-tree can log in and will then be registered although there is no email address and registration key.
2. Any email address I type in results in an error: "Invalid email address"

I want only registered users to be able to log in. And I want the registration to be approved by the administrator before it is valid.

How do I do it in this setup? Why does the registration form complain about an invalid email address?

Regards
Johann
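The gate asked for in the post, sketched as an added example that is not part of the original message and is not web2py's own code: a wrapper that accepts a successful LDAP bind only when the username already has a local record whose registration_key is empty. It assumes a login method is a plain callable taking (username, password) and returning a bool; `require_local_approval`, `fake_ldap_bind`, `USERS` and `DIRECTORY` are hypothetical names over constructed data so the block runs offline.

```python
# Added example: constructed data and hypothetical helper names throughout.

# Constructed stand-in for the local auth_user table, keyed by username.
# Assumption: an empty registration_key marks a verified and approved account.
USERS = {
    "alice": {"registration_key": ""},         # approved by the administrator
    "bob": {"registration_key": "pending"},    # registered, awaiting approval
}

# Constructed stand-in for the directory: every entry here can bind.
DIRECTORY = {"alice": "a-secret", "bob": "b-secret", "carol": "c-secret"}


def fake_ldap_bind(username, password):
    """Stand-in for the callable built by ldap_auth(...): True on a good bind."""
    return bool(password) and DIRECTORY.get(username) == password


def require_local_approval(ldap_check, lookup_user):
    """Wrap a login method so a directory bind alone is not enough."""
    def check(username, password):
        # Reject empty credentials up front: many LDAP servers treat a bind
        # with an empty password as an anonymous bind and report success.
        if not username or not password:
            return False
        user = lookup_user(username)
        # Unknown locally: refuse before contacting the directory, so no
        # account can appear as a side effect of a successful bind.
        if user is None:
            return False
        # Known but not yet verified or approved: refuse as well.
        if user.get("registration_key"):
            return False
        return bool(ldap_check(username, password))
    return check


login_method = require_local_approval(fake_ldap_bind, USERS.get)

if __name__ == "__main__":
    attempts = [("alice", "a-secret"), ("bob", "b-secret"),
                ("carol", "c-secret"), ("alice", "wrong"), ("alice", "")]
    for name, pw in attempts:
        print(name, login_method(name, pw))
```

In the model above, the wrapped callable would take the place of the bare ldap_auth(...) entry in auth.settings.login_methods, with lookup_user reading db.auth_user; that wiring is an assumption and is not shown here.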