i installed python-ldap and now i can load it. Then i tried it with
cas by changing the cas_auth by editting it like this.
But it still it works only for the local database.
What i need is that the web2py user (ad user name )identifies against
the active directory password after first registration (with or
without password).
auth=Auth(globals(),db) # authentication/
authorization
auth.settings.login_methods=[ldap_auth
(mode='ad',server='ad.mydomain.com',
base_dn='ou=users,ou=kjc,ou=institute,dc=ad,dc=mydomain,dc=com')]
auth.settings.table_user =db.define_table("cas_user",
db.Field("name",length=128,default=""),
db.Field("email", length=128,default=""),
db.Field("password",'password',readable=False,
label="Password"),
db.Field('verification',default=''),
db.Field('last_attempt_time','integer',default=0),
db.Field('failed_attempts','integer',default=0))#, readable=False,
default="")
t = auth.settings.table_user
t.name.requires = IS_NOT_EMPTY()
t.email.requires = IS_NOT_EMPTY()
t.password.requires = CRYPT()
t.email.requires = [IS_EMAIL(), IS_NOT_IN_DB(db, db.cas_user.email)]
auth.define_tables()
crud=Crud(globals(),db)
crud.settings.auth=auth # enforces authorization
on crud
db.define_table('ticket',
SQLField('ctime','integer',default=now),
SQLField('url'),
SQLField('code'),
SQLField('cas_user',db.cas_user))
db.cas_user.name.requires=IS_NOT_EMPTY()
db.cas_user.email.requires=[IS_EMAIL(),IS_NOT_IN_DB
(db,'cas_user.email')]
On 25 Aug., 14:20, max <dulip.withan...@gmail.com> wrote:
> i installed python-ldap and now i can load it. Then i tried it with
> cas by changing the cas_auth by editting it like this.
> But it still it works only for the local database.
> What i need is that the web2py user (ad user name )identifies against
> the active directory password after first registration (with or
> without password).
>
> auth=Auth(globals(),db) # authentication/
> authorization
> auth.settings.login_methods=[ldap_auth
> (mode='ad',server='ad.mydomain.com',
> base_dn='ou=users,ou=kjc,ou=institute,dc=ad,dc=mydomain,dc=com')]
>
> auth.settings.table_user =db.define_table("cas_user",
> db.Field("name",length=128,default=""),
> db.Field("email", length=128,default=""),
> db.Field("password",'password',readable=False,
> label="Password"),
> db.Field('verification',default=''),
> db.Field('last_attempt_time','integer',default=0),
> db.Field('failed_attempts','integer',default=0))#, readable=False,
> default="")
>
> t = auth.settings.table_user
> t.name.requires = IS_NOT_EMPTY()
> t.email.requires = IS_NOT_EMPTY()
> t.password.requires = CRYPT()
> t.email.requires = [IS_EMAIL(), IS_NOT_IN_DB(db, db.cas_user.email)]
> auth.define_tables()
>
> crud=Crud(globals(),db)
> crud.settings.auth=auth # enforces authorization
> on crud
>
> db.define_table('ticket',
> SQLField('ctime','integer',default=now),
> SQLField('url'),
> SQLField('code'),
> SQLField('cas_user',db.cas_user))
>
> db.cas_user.name.requires=IS_NOT_EMPTY()
> db.cas_user.email.requires=[IS_EMAIL(),IS_NOT_IN_DB
> (db,'cas_user.email')]
>
> On 25 Aug., 13:22, max <dulip.withan...@gmail.com> wrote:
>
> > thanks. now i installed it.
> > On 25 Aug., 11:52, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > Do you have python ldap API installed? It does not come with web2py.
>
> > > On Aug 25, 4:41 am, max <dulip.withan...@gmail.com> wrote:
>
> > > > I tried to add the following code in the db.py
>
> > > > from gluon.contrib.login_methods.ldap_auth import ldap_auth
> > > > auth.settings.login_methods = [ldap_auth(mode='ad',
> > > > server='my.domain.controller', base_dn='ou=Users,dc=domain,dc=com')]
>
> > > > but it gives the failure.
> > > > gluon.contrib.login_methods.ldap_auth import ldap_auth File "/srv/www/
> > > > web2py/gluon/contrib/login_methods/ldap_auth.py", line 1, in
> > > > <module> import ldapImportError: No module named ldap
>
> > > > But if i insert the code in the controller the import shows no
> > > > failures.
> > > > does anybody have any idea?
>
> > > > On 7 Aug., 15:32, max <dulip.withan...@gmail.com> wrote:
>
> > > > > thanks, fran
>
> > > > > On 7 Aug., 14:10, Fran <francisb...@googlemail.com> wrote:
>
> > > > > > On Aug 7, 8:19 am, max <dulip.withan...@gmail.com> wrote:
>
> > > > > > > How can i configure the Active directory authentification using
> > > > > > > CAS?
> > > > > > > should i have to uncomment and edit the
> > > > > > > ""
> > > > > > > auth.settings.login_methods.append(ldap_auth
> > > > > > > (mode='ad',server='my.domain.controller',base_dn="ou=Users,dc=domain,dc=com",bind_dn="cn=Administrator,ou=Users,d
> > > > > > > c=domain,dc=com",bind_pass="password"))
> > > > > > > ""
> > > > > > > or is there anyway to configure it application based?
>
> > > > > > You can use AD without CAS...just for a single application...this is
> > > > > > the usual usage.
> > > > > > I don't have experience of using it with CAS...I just downloaded the
> > > > > > CAS appliance & it doesn't seem to use Auth, so would need
> > > > > > converting
> > > > > > to use Auth before it could be made to work with ldap_auth.
>
> > > > > > The best docs for LDAP authentication are currently within the
> > > > > > source
> > > > > > (the new book also has some, but the source is fine):
> > > > > > gluon/contrib/login_methods/ldap_auth.py
>
> > > > > > So to use AD, you need to have 2 lines in your model (on top of the
> > > > > > usual Auth lines):
> > > > > > from gluon.contrib.login_methods.ldap_auth import ldap_auth
> > > > > > auth.settings.login_methods.append(ldap_auth(mode='ad',
> > > > > > server='my.domain.controller', base_dn='ou=Users,dc=domain,dc=com'))
>
> > > > > > This mode means that password is cached in DB & so you can access
> > > > > > using last password known to the app in case AD is down.
> > > > > > To not have this method, make the 2nd line instead:
> > > > > > auth.settings.login_methods = [ldap_auth(mode='ad',
> > > > > > server='my.domain.controller', base_dn='ou=Users,dc=domain,dc=com')]
>
> > > > > > F
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
