LDAP Integration ( https://github.com/retspen/webvirtcloud/issues/243 ) (#443)

* Added ldap support

* Update

* Added logging

* Update

* Working

* Working

* Working

* Working

* Check for ldap3 existence

* Check for ldap3 existence

* Check for ldap3 existence

* Check for ldap3 existence

* Check for ldap3 existence

* Check for ldap3 existence

* Check for ldap3 existence

* Check for ldap3 existence

* Check for ldap3 existence

* Check for ldap3 existence

* Add eol

Co-authored-by: Kendar <unknown@kendar.org>

README.md

@@ -57,7 +57,7 @@ print(''.join([random.SystemRandom().choice(haystack) for _ in range(50)]))
 ### Install WebVirtCloud panel (Ubuntu 18.04+ LTS)
 
 ```bash
-sudo apt-get -y install git virtualenv python3-virtualenv python3-dev python3-lxml libvirt-dev zlib1g-dev libxslt1-dev nginx supervisor libsasl2-modules gcc pkg-config python3-guestfs
+sudo apt-get -y install git virtualenv python3-virtualenv python3-dev python3-lxml libvirt-dev zlib1g-dev libxslt1-dev nginx supervisor libsasl2-modules gcc pkg-config python3-guestfs libsasl2-dev libldap2-dev libssl-dev
 git clone https://github.com/retspen/webvirtcloud
 cd webvirtcloud
 cp webvirtcloud/settings.py.template webvirtcloud/settings.py
@@ -97,7 +97,7 @@ Go to http://serverip and you should see the login screen.
 
 ```bash
 sudo yum -y install epel-release
-sudo yum -y install python3-virtualenv python3-devel libvirt-devel glibc gcc nginx supervisor python3-lxml git python3-libguestfs iproute-tc cyrus-sasl-md5 python3-libguestfs
+sudo yum -y install python3-virtualenv python3-devel libvirt-devel glibc gcc nginx supervisor python3-lxml git python3-libguestfs iproute-tc cyrus-sasl-md5 python3-libguestfs libsasl2-dev libldap2-dev libssl-dev
 ```
 
 #### Creating directories and cloning repo
@@ -380,6 +380,48 @@ Run tests
 python manage.py test
 ```
 
+## LDAP Configuration
+
+The example settings are based on an OpenLDAP server with groups defined as "cn" of class "groupOfUniqueNames"
+
+Enable LDAP
+
+```bash
+sudo sed -i "s/LDAP_ENABLED = False/LDAP_ENABLED = True/g"" /srv/webvirtcloud/webvirtcloud/settings.py
+```
+
+Set the LDAP server name and root DN
+
+```bash
+sudo sed -i "s/LDAP_URL = ''/LDAP_URL = 'myldap.server.com'/g"" /srv/webvirtcloud/webvirtcloud/settings.py
+sudo sed -i "s/LDAP_ROOT_DN = ''/LDAP_ROOT_DN = 'dc=server,dc=com'/g"" /srv/webvirtcloud/webvirtcloud/settings.py
+```
+
+Set the user that has browse access to LDAP and its password
+
+```bash
+sudo sed -i "s/LDAP_MASTER_DN = ''/LDAP_MASTER_DN = 'cn=admin,ou=users,dc=kendar,dc=org'/g"" /srv/webvirtcloud/webvirtcloud/settings.py
+sudo sed -i "s/LDAP_MASTER_PW = ''/LDAP_MASTER_PW = 'password'/g"" /srv/webvirtcloud/webvirtcloud/settings.py
+```
+
+Set the attribute that will be used to find the username, i usually use the cn
+
+```bash
+sudo sed -i "s/LDAP_USER_UID_PREFIX = ''/LDAP_USER_UID_PREFIX = 'cn'/g"" /srv/webvirtcloud/webvirtcloud/settings.py
+```
+
+You can now create the filters to retrieve the users for the various group. This will be used during the user creation only
+
+```bash
+sudo sed -i "s/LDAP_SEARCH_GROUP_FILTER_ADMINS = ''/LDAP_SEARCH_GROUP_FILTER_ADMINS = 'memberOf=cn=admins,dc=kendar,dc=org'/g"" /srv/webvirtcloud/webvirtcloud/settings.py
+sudo sed -i "s/LDAP_SEARCH_GROUP_FILTER_STAFF = ''/LDAP_SEARCH_GROUP_FILTER_STAFF = 'memberOf=cn=staff,dc=kendar,dc=org'/g"" /srv/webvirtcloud/webvirtcloud/settings.py
+sudo sed -i "s/LDAP_SEARCH_GROUP_FILTER_USERS = ''/LDAP_SEARCH_GROUP_FILTER_USERS = 'memberOf=cn=users,dc=kendar,dc=org'/g"" /srv/webvirtcloud/webvirtcloud/settings.py
+```
+
+Now when you login with an LDAP user it will be assigned the rights defined. The user will be authenticated then with ldap and authorized through the WebVirtCloud permissions.
+
+If you'd like to move a user from ldap to WebVirtCloud, just change its password from the UI and (eventually) remove from the group in ldap
+
 ## Screenshots
 
 Instance Detail: