mirror of
https://github.com/retspen/webvirtcloud
synced 2024-12-25 15:45:23 +00:00
add ldap3 explanations for errors
This commit is contained in:
parent
13f332c9a5
commit
9e832c2612
2 changed files with 7 additions and 7 deletions
|
@ -12,14 +12,13 @@ try:
|
||||||
class LdapAuthenticationBackend(ModelBackend):
|
class LdapAuthenticationBackend(ModelBackend):
|
||||||
|
|
||||||
def get_LDAP_user(self, username, password, filterString):
|
def get_LDAP_user(self, username, password, filterString):
|
||||||
print('get_LDAP_user')
|
print('get_LDAP_user {}'.format(username))
|
||||||
try:
|
try:
|
||||||
server = Server(settings.LDAP_URL, port=settings.LDAP_PORT,
|
server = Server(settings.LDAP_URL, port=settings.LDAP_PORT,
|
||||||
use_ssl=settings.USE_SSL,get_info=ALL)
|
use_ssl=settings.USE_SSL,get_info=ALL)
|
||||||
connection = Connection(server,
|
connection = Connection(server,
|
||||||
settings.LDAP_MASTER_DN,
|
settings.LDAP_MASTER_DN,
|
||||||
settings.LDAP_MASTER_PW, auto_bind=True)
|
settings.LDAP_MASTER_PW, auto_bind=True)
|
||||||
|
|
||||||
connection.search(settings.LDAP_ROOT_DN,
|
connection.search(settings.LDAP_ROOT_DN,
|
||||||
'(&({attr}={login})({filter}))'.format(
|
'(&({attr}={login})({filter}))'.format(
|
||||||
attr=settings.LDAP_USER_UID_PREFIX,
|
attr=settings.LDAP_USER_UID_PREFIX,
|
||||||
|
@ -31,11 +30,10 @@ try:
|
||||||
return None
|
return None
|
||||||
specificUser = connection.response[0]
|
specificUser = connection.response[0]
|
||||||
userDn = str(specificUser.get('raw_dn'),'utf-8')
|
userDn = str(specificUser.get('raw_dn'),'utf-8')
|
||||||
with Connection(server,
|
with Connection(server, userDn, password) as con:
|
||||||
userDn,
|
|
||||||
password) as con:
|
|
||||||
return username
|
return username
|
||||||
except:
|
except Exception as e:
|
||||||
|
print("LDAP Exception: {}".format(e))
|
||||||
return None
|
return None
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
@ -50,6 +48,7 @@ try:
|
||||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_ADMINS) is None:
|
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_ADMINS) is None:
|
||||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_STAFF) is None:
|
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_STAFF) is None:
|
||||||
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_USERS) is None:
|
if self.get_LDAP_user(username, password, settings.LDAP_SEARCH_GROUP_FILTER_USERS) is None:
|
||||||
|
print("User does not belong to any search group. Check LDAP_SEARCH_GROUP_FILTER in settings.")
|
||||||
return None
|
return None
|
||||||
else:
|
else:
|
||||||
isStaff = True
|
isStaff = True
|
||||||
|
@ -62,7 +61,7 @@ try:
|
||||||
attributes = UserAttributes.objects.get(user=user)
|
attributes = UserAttributes.objects.get(user=user)
|
||||||
# TODO VERIFY
|
# TODO VERIFY
|
||||||
except User.DoesNotExist:
|
except User.DoesNotExist:
|
||||||
print("authenticate-create new user")
|
print("authenticate-create new user: {}".format(username))
|
||||||
user = User(username=username)
|
user = User(username=username)
|
||||||
user.is_active = True
|
user.is_active = True
|
||||||
user.is_staff = isStaff
|
user.is_staff = isStaff
|
||||||
|
|
|
@ -268,6 +268,7 @@ LDAP_MASTER_PW = ''
|
||||||
LDAP_ROOT_DN = ''
|
LDAP_ROOT_DN = ''
|
||||||
## Queries to identify the users, i use groupOfUniqueNames on openldap
|
## Queries to identify the users, i use groupOfUniqueNames on openldap
|
||||||
|
|
||||||
|
### PLEASE BE SURE memberOf overlay is activated on slapd
|
||||||
## e.g. memberOf=cn=admins,cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
## e.g. memberOf=cn=admins,cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||||
LDAP_SEARCH_GROUP_FILTER_ADMINS = ''
|
LDAP_SEARCH_GROUP_FILTER_ADMINS = ''
|
||||||
## e.g. memberOf=cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
## e.g. memberOf=cn=staff,cn=webvirtcloud,ou=groups,dc=kendar,dc=org
|
||||||
|
|
Loading…
Reference in a new issue