Electronics & Programming


Open Source electronics development and programming

  • You are not logged in.

#1 March 26, 2008 15:23:24

Dan E.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

moving django users to LDAP

On Mar 20, 7:44 pm, "Katz, Aryeh \(akatz\)" <> wrote:
> The downside of this method is that the user can still authenticate against
> Django.

I set my passwords in Django to something like 'get password from
LDAP'. This is an invalid hash, so no one would ever be able to
authenticate against Django instead of LDAP. To authenticate them, I
bind as a specific LDAP user, search for the user who is
authenticating, then rebind to LDAP as them (all this over SSL-
encrypted LDAP). It's a fairly typical technique. This is the auth
backend I wrote to do it:

ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, settings.LDAP_CERT)
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, 0)

class LdapBackend:
def authenticate(self, username=None, password=None):
l = SmartLDAPObject(
results = l.search_s(settings.LDAP_ROOT, ldap.SCOPE_SUBTREE,
"(sAMAccountName=%s)" % (username,), )
print results
dn = results
attributes = results
l.simple_bind_s(dn, password)
return None
user = User.objects.get(username=username)
except User.DoesNotExist:
user = User(username=username, password="get from ldap")
user.first_name = attributes
user.last_name = attributes
user.email = attributes
user.is_staff = True
user.is_superuser = True
return user

def get_user(self, uid):
return User.objects.get(pk=uid)
except User.DoesNotExist:
return None

You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
For more options, visit this group athttp://groups.google.com/group/django-users?hl=en-~----------~----~----~----~------~----~------~--~---


Board footer

Moderator control

Enjoy the 11th of December

The Forums are managed by develissimo stuff members, if you find any issues or misplaced content please help us to fix it. Thank you! Tell us via Contact Options
Leave a Message
Welcome to Develissimo Live Support