class LDAPAuthMiddleware(SessionUserMiddleware): """ Middleware automatically installed by :meth:`get_middleware_classes <lino.site.Site.get_middleware_classes>` when - :setting:`user_model` is not None - :setting:`remote_user_header` is None - :setting:`ldap_auth_server` is not None Using this requires `activedirectory <https://github.com/theatlantic/python-active-directory>`_. Thanks to Josef Kejzlar for the initial implementation. """ def __init__(self): from activedirectory import Client, Creds from activedirectory.core.exception import Error server_spec = settings.SITE.ldap_auth_server if isinstance(server_spec, six.string_types): server_spec = server_spec.split() self.domain = server_spec[0] self.server = server_spec[1] self.creds = Creds(domain) def check_password(self, username, password): try: self.creds.acquire(username, password, server=self.server) return True except Exception as e: pass return False def authenticate(self, username, password=SessionUserMiddleware.NOT_NEEDED, from_session=False): if not from_session and username and password != SessionUserMiddleware.NOT_NEEDED: if not self.check_password(username, password): return None return SessionUserMiddleware.authenticate( username, SessionUserMiddleware.NOT_NEEDED) def get_user_from_request(self, request): user = self.authenticate(request.session.get('username'), request.session.get('password'), True) if user is None: logger.debug("Login failed from session %s", request.session) user = AnonymousUser.instance() return user
class LDAPAuthMiddleware(SessionUserMiddleware): """ Middleware automatically installed by :meth:`get_middleware_classes <lino.site.Site.get_middleware_classes>` when - :setting:`user_model` is not None - :setting:`remote_user_header` is None - :setting:`ldap_auth_server` is not None Using this requires `activedirectory <https://github.com/theatlantic/python-active-directory>`_. Thanks to Josef Kejzlar for the initial implementation. """ def __init__(self): from activedirectory import Client, Creds from activedirectory.core.exception import Error server_spec = settings.SITE.ldap_auth_server if isinstance(server_spec, basestring): server_spec = server_spec.split() self.domain = server_spec[0] self.server = server_spec[1] self.creds = Creds(domain) def check_password(self, username, password): try: self.creds.acquire(username, password, server=self.server) return True except Exception as e: pass return False def authenticate(self, username, password=SessionUserMiddleware.NOT_NEEDED, from_session=False): if not from_session and username and password != SessionUserMiddleware.NOT_NEEDED: if not self.check_password(username, password): return None return SessionUserMiddleware.authenticate(username, SessionUserMiddleware.NOT_NEEDED) def get_user_from_request(self, request): user = self.authenticate(request.session.get('username'), request.session.get('password'), True) if user is None: logger.debug("Login failed from session %s", request.session) user = AnonymousUser.instance() return user
def __init__(self): from activedirectory import Client, Creds from activedirectory.core.exception import Error server_spec = settings.SITE.ldap_auth_server if isinstance(server_spec, six.string_types): server_spec = server_spec.split() self.domain = server_spec[0] self.server = server_spec[1] self.creds = Creds(domain)
def __init__(self): from activedirectory import Client, Creds from activedirectory.core.exception import Error server_spec = settings.SITE.ldap_auth_server if isinstance(server_spec, basestring): server_spec = server_spec.split() self.domain = server_spec[0] self.server = server_spec[1] self.creds = Creds(domain)
from __future__ import print_function from activedirectory import Client, Creds, activate domain = 'freeadi.org' creds = Creds(domain) creds.load() activate(creds) client = Client(domain) users = client.search('(objectClass=user)', scheme='gc') for dn, attrs in users: name = attrs['sAMAccountName'][0] domain = client.domain_name_from_dn(dn) print('-> %s (%s)' % (name, domain))
from activedirectory import Client, Creds, activate domain = 'freeadi.org' user = '******' password = '******' creds = Creds(domain) creds.acquire(user, password) activate(creds) client = Client(domain) users = client.search('(objectClass=user)') for dn, attrs in users: name = attrs['sAMAccountName'][0] print '-> %s' % name
from activedirectory import Client, Creds, Locator, activate domain = 'freeadi.org' user = '******' password = '******' creds = Creds(domain) creds.acquire(user, password) activate(creds) locator = Locator() pdc = locator.locate(domain, role='pdc') client = Client(domain) users = client.search('(objectClass=user)', server=pdc) for dn,attrs in users: name = attrs['sAMAccountName'][0] print '-> %s' % name
from activedirectory import Client, Creds, activate domain = 'freeadi.org' creds = Creds(domain) creds.load() activate(creds) client = Client(domain) users = client.search('(objectClass=user)', scheme='gc') for dn,attrs in users: name = attrs['sAMAccountName'][0] domain = client.domain_name_from_dn(dn) print '-> %s (%s)' % (name, domain)