Group control is already in ldap_auth.py: http://www.web2pyslices.com/slice/show/1476/ldap-auth-with-allowed-groups-and-manage-groups
And I work now on storing first name, last name, and email user prefs from ldap. I think I can send a patch to Massimo tomorrow. 2012. március 8., csütörtök 20:25:12 UTC+1 időpontban Aaron a következőt írta: > > Also, what meaning does the @auth.requires_membership() decorator have in > the context of LDAP authentication? > Based on my limited knowledge of LDAP (pretty much what's on > http://ldapman.org/articles/intro_to_ldap.html), it doesn't look like > LDAP implements groups; the closest thing to it would be an entry's > Distinguished Name/Domain Components. > > Thanks, > Aaron > > On Thursday, March 8, 2012 6:04:15 AM UTC-8, Aaron wrote: >> >> I'm using gluon.tools.Auth and the default ldap_auth login_method to >> provide access control to my web2py application. >> Now, once the user has successfully logged in (@auth.require_login() >> passes), I want to find out which user is logged in, and some of this >> user's attributes. >> I could get additional information from the LDAP server (using >> python-ldap) if I knew the user name; however, the only entry I see in >> Auth<http://www.web2py.com/examples/static/epydoc/web2py.gluon.tools.Auth-class.html> >> that >> provides similar information is Auth.user_id, and I don't know how this ID >> maps to the current user's LDAP username. >> >> More generally, is there a good way for me to take control of my >> application's interaction with our LDAP server, while still leveraging the >> many built-ins Auth has to offer? >> Should I modify the ldap_auth login_method to store the username and >> password information in the session object? >> Should I write my own custom login_method? If so, what resources exist to >> help me along? >> >
