better ldap_auth thanks Gyuris

This commit is contained in:
Massimo DiPierro
2012-03-13 21:20:24 -05:00
parent f75a4cbe45
commit 9c647292e1
2 changed files with 8 additions and 2 deletions
+1 -1
View File
@@ -1 +1 @@
Version 1.99.7 (2012-03-13 13:59:13) dev
Version 1.99.7 (2012-03-13 21:20:19) dev
+7 -1
View File
@@ -10,7 +10,7 @@ except Exception, e:
def ldap_auth( server = 'ldap', port = None,
base_dn = 'ou=users,dc=domain,dc=com',
mode = 'uid', secure = False, cert_path = None,
mode = 'uid', secure = False, cert_path = None, cert_file = None,
bind_dn = None, bind_pw = None, filterstr = 'objectClass=*',
allowed_groups = None,
manage_user = False,
@@ -55,6 +55,8 @@ def ldap_auth( server = 'ldap', port = None,
base_dn='ou=Users,dc=domain,dc=com'))
If using secure ldaps:// pass secure=True and cert_path="..."
If ldap is using GnuTLS then you need cert_file="..." instead cert_path because
cert_path isn't implemented in GnuTLS :(
If you need to bind to the directory with an admin account in order to search it then specify bind_dn & bind_pw to use for this.
- currently only implemented for Active Directory
@@ -129,6 +131,7 @@ def ldap_auth( server = 'ldap', port = None,
ldap_bindpw = bind_pw,
secure = secure,
cert_path = cert_path,
cert_file = cert_file,
filterstr = filterstr,
manage_user = manage_user,
user_firstname_attrib = user_firstname_attrib,
@@ -436,6 +439,7 @@ def ldap_auth( server = 'ldap', port = None,
ldap_mode = mode,
secure = secure,
cert_path = cert_path,
cert_file = cert_file
):
'''
Inicialize ldap connection
@@ -447,6 +451,8 @@ def ldap_auth( server = 'ldap', port = None,
"ldaps://" + ldap_server + ":" + str( ldap_port ) )
if cert_path:
con.set_option( ldap.OPT_X_TLS_CACERTDIR, cert_path )
if cert_file:
con.set_option( ldap.OPT_X_TLS_CACERTFILE, cert_file )
else:
if not ldap_port:
ldap_port = 389