LDAP support
Are there plans to support LDAP as a login mechanism?
This is really a pre-requisite when using askbot as an internal corporate Q&A site.
1 Answer
- Sort by
oldest newest most voted
2
Hi Benoit,
I've added experimental LDAP support, however I've only tested in on a "mock" ldap object.
Basically if you go to "settings"->"External keys", check "Use LDAP for password login" and fill out all ldap related fields.
You might need to adjust a function askbot.deps.django_authopenid.util.ldap_check_password as some parameters may need to be changed. If you make this function work on a real LDAP directory, you'll be able to log in via ldap.
def ldap_check_password(username, password):
import ldap
try:
ldap_session = ldap.initialize(askbot_settings.LDAP_URL)
ldap_session.simple_bind_s(username, password)
ldap_session.unbind_s()
return True
except ldap.LDAPError, e:
logging.critical(unicode(e))
return False
If you want to disable other login methods and change looks of the login form, for now you'll have to hack a template askbot/skins/default/templates/authopenid/signin.html
Here is the mock ldap object that I've used to test the LDAP method:
class LDAPError(Exception):
pass
class LDAP(object):
def simple_bind_s(self, username, password):
if username == 'test' and password == 'test':
return True
else:
raise LDAPError('try again')
def unbind_s(self):
pass
def initialize(*args):
return LDAP()
Comments
As it turns out, our internal LDAP setup is a pain. Ended up hacking the askbot login from authopenid to use the pwd/crypt modules. I can feed you back the changes if you want to provide a unix credentials login mechanism.
Indeed could you somehow send your login code - I'll definitely include the unix credential login option. Either fork on github and add your code or email me at evgeny.fadeev@gmail.com. Thanks. As for LDAP - maybe you needed to create a more elaborate "username" parameter..
Comments