IdentityManagement: soldapprovider.py

File soldapprovider.py, 1.6 kB (added by bosticka, 2 years ago)

LDAP provider for revisions after r1512, with the search filter adjusted for Active Directory authentication. To use it with another LDAP directory, just change the filter.

1 import ldap
2
3 from soprovider import *
4
5
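class SoLdapIdentityProvider(SqlObjectIdentityProvider):
    """
    IdentityProvider that uses LDAP for authentication.

    The account is looked up below ``basedn`` by ``sAMAccountName`` (the
    Active Directory logon-name attribute) and the password is checked by
    binding as the DN that was found.

    Settings read through ``turbogears.config.get``:

    * ``identity.soldapprovider.host`` (default ``"localhost"``)
    * ``identity.soldapprovider.port`` (default ``389``)
    * ``identity.soldapprovider.basedn`` (default ``"dc=localhost"``)
    * ``identity.soldapprovider.autocreate`` (default ``False``); this
      class only stores and logs it.
    """

    def __init__(self):
        """Load the LDAP connection settings from the config and log them."""
        super(SoLdapIdentityProvider, self).__init__()
        get = turbogears.config.get

        self.host = get("identity.soldapprovider.host", "localhost")
        self.port = get("identity.soldapprovider.port", 389)
        self.basedn = get("identity.soldapprovider.basedn", "dc=localhost")
        self.autocreate = get("identity.soldapprovider.autocreate", False)

        log.info("host :: %s" % self.host)
        # %s rather than %d: a port given as a string in the config must not
        # abort provider construction with a TypeError.
        log.info("port :: %s" % self.port)
        log.info("basedn :: %s" % self.basedn)
        log.info("autocreate :: %s" % self.autocreate)

    def validate_password(self, user, user_name, password):
        '''
        Validates user_name and password against an AD domain.

        Returns True only when exactly one directory entry matches
        user_name and a simple bind as that entry's DN with password
        succeeds; returns False for an empty user name or password, for no
        match, for an ambiguous match and for rejected credentials.  Any
        other LDAP error raised by the search or the bind propagates to the
        caller.  The ``user`` argument is not used here.
        '''
        # Local import: the module only does ``import ldap``, which is not
        # guaranteed to load the ldap.filter submodule.
        from ldap.filter import escape_filter_chars

        # A simple bind with a DN and an empty password is an
        # "unauthenticated bind" (RFC 4513, section 5.1.2).  Many servers
        # answer it with success, which would authenticate any known user
        # without a password, so it is refused before talking to the server.
        if not user_name or not password:
            log.warning("Empty user name or password rejected")
            return False

        # NOTE(review): ldap.open() makes a plain ldap:// connection, so the
        # password in the bind below crosses the network unencrypted unless
        # the transport is protected elsewhere.  Prefer ldaps:// or StartTLS
        # with certificate verification; that needs a config change and is
        # therefore not done silently here.
        ldapcon = ldap.open(self.host, self.port)
        try:
            # user_name comes from the login form.  Escaping the filter
            # metacharacters ( ) * \ and NUL keeps it from changing the
            # search filter (e.g. "*" matching arbitrary accounts).
            search_filter = "(sAMAccountName=%s)" % escape_filter_chars(user_name)
            rc = ldapcon.search(self.basedn, ldap.SCOPE_SUBTREE, search_filter)

            objects = ldapcon.result(rc)[1]

            # Search references are reported by python-ldap as result tuples
            # whose DN is None.  They are not accounts, and binding with an
            # empty DN would be an anonymous bind, so only entries that
            # carry a DN are considered.
            entries = [entry for entry in objects if entry[0]]

            if not entries:
                log.warning("No such LDAP user: %s" % user_name)
                return False
            if len(entries) > 1:
                log.error("Too many users: %s" % user_name)
                return False

            dn = entries[0][0]

            try:
                rc = ldapcon.simple_bind(dn, password)
                ldapcon.result(rc)
            except ldap.INVALID_CREDENTIALS:
                log.error("Invalid password supplied for %s" % user_name)
                return False

            return True
        finally:
            # Release the connection on every path.  A failure while closing
            # must not replace the authentication result or the original
            # exception.
            try:
                ldapcon.unbind_s()
            except ldap.LDAPError:
                pass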