Attachment 'ldap_login.py.patch'

Download

   1 diff -r dfb257df7fe3 MoinMoin/auth/ldap_login.py
   2 --- a/MoinMoin/auth/ldap_login.py	Mon Feb 04 14:35:21 2008 +0100
   3 +++ b/MoinMoin/auth/ldap_login.py	Sat Feb 09 00:41:07 2008 +0100
   4 @@ -19,7 +19,6 @@ import ldap
   5  import ldap
   6  
   7  from MoinMoin import user
   8 -
   9  
  10  def ldap_login(request, **kw):
  11      """ get authentication data from form, authenticate against LDAP (or Active
  12 @@ -72,6 +71,7 @@ def ldap_login(request, **kw):
  13                          ldap.set_option(option, value)
  14  
  15              server = cfg.ldap_uri
  16 +            ldap_base = cfg.ldap_base
  17              if verbose: request.log("LDAP: Trying to initialize %r." % server)
  18              l = ldap.initialize(server)
  19              if verbose: request.log("LDAP: Connected to LDAP server %r." % server)
  20 @@ -88,7 +88,20 @@ def ldap_login(request, **kw):
  21              # you can use %(username)s and %(password)s here to get the stuff entered in the form:
  22              ldap_binddn = cfg.ldap_binddn % locals()
  23              ldap_bindpw = cfg.ldap_bindpw % locals()
  24 -            l.simple_bind_s(ldap_binddn.encode(coding), ldap_bindpw.encode(coding))
  25 +            # searching if the user is defined in subtree of ldap_base
  26 +            try:
  27 +                ldap_search = l.search_s(ldap_base, ldap.SCOPE_SUBTREE, 'uid=%s' % ldap_binddn.encode(coding))
  28 +                ldap_dn, attrs = ldap_search[0][0], ldap_search[0][1]
  29 +            # ToDo find the right exception 
  30 +            except:
  31 +                request.log("LDAP: invalid credentials (wrong password?) for dn %r (username: %r)" % (server, ldap_binddn))
  32 +            # check if the given password belongs to the user
  33 +            try:
  34 +                l.bind_s(ldap_dn, ldap_bindpw.encode(coding))
  35 +            except:
  36 +                request.log("LDAP: invalid credentials (wrong password?) for dn %r (username: %r)" % (server, ldap_binddn))
  37 +
  38 +            #l.simple_bind_s(ldap_binddn.encode(coding), ldap_bindpw.encode(coding))
  39              if verbose: request.log("LDAP: Bound with binddn %r" % ldap_binddn)
  40  
  41              # you can use %(username)s here to get the stuff entered in the form:

Attached Files

To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.
  • [get | view] (2008-02-08 23:41:54, 2.1 KB) [[attachment:ldap_login.py.patch]]
 All files | Selected Files: delete move to page copy to page

You are not allowed to attach a file to this page.