Ejemplo n.º 1
0
except ImportError:
    raise ImproperlyConfigured(
        "python-ldap and django-auth-ldap must be installed to use LDAP authentication."
    )

# All LDAP usernames have this suffix - it is removed when creating Django users
AUTH_LDAP_USERNAME_SUFFIX = environ.get("AUTH_LDAP_USERNAME_SUFFIX", "")

AUTH_LDAP_SERVER_URI = environ.get("AUTH_LDAP_SERVER_URI", "ldap://localhost")
AUTH_LDAP_BIND_DN = environ.get("AUTH_LDAP_BIND_DN", "")
AUTH_LDAP_BIND_PASSWORD = environ.get("AUTH_LDAP_BIND_PASSWORD", "")

if "AUTH_LDAP_USER_SEARCH_BASE_DN" in environ:
    AUTH_LDAP_USER_SEARCH = ldap_config.LDAPSearch(
        environ.get("AUTH_LDAP_USER_SEARCH_BASE_DN"),
        ldap.SCOPE_SUBTREE,
        environ.get("AUTH_LDAP_USER_SEARCH_BASE_FILTERSTR", "(uid=%(user)s)"),
    )
AUTH_LDAP_USER_DN_TEMPLATE = environ.get("AUTH_LDAP_USER_DN_TEMPLATE", None)
AUTH_LDAP_USER_ATTR_MAP = {
    "first_name": "givenName",
    "last_name": "sn",
    "email": "mail",
}

AUTH_LDAP_USER_FLAGS_BY_GROUP = {}
if "AUTH_LDAP_GROUP_IS_ACTIVE" in environ:
    AUTH_LDAP_USER_FLAGS_BY_GROUP["is_active"] = environ.get(
        "AUTH_LDAP_GROUP_IS_ACTIVE")
if "AUTH_LDAP_GROUP_IS_STAFF" in environ:
    AUTH_LDAP_USER_FLAGS_BY_GROUP["is_staff"] = environ.get(
Ejemplo n.º 2
0
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
]
"""

AUTH_PASSWORD_VALIDATORS = []  # using AD/LDAP passwords validation rules

# Configuration for OpenLDAP
AUTH_LDAP_SERVER_URI = get_environment_variable("LDAP_HOST")
AUTH_LDAP_BIND_DN = get_environment_variable("LDAP_BIND_DN")
AUTH_LDAP_BIND_PASSWORD = get_environment_variable("LDAP_BIND_PASSWORD")
AUTH_LDAP_USER_SEARCH = ldap_config.LDAPSearch(
    get_environment_variable("LDAP_USER_SEARCH_DN"),
    ldap.SCOPE_SUBTREE,
    get_environment_variable("LDAP_USER_SEARCH_FILTERSTR"),
)
AUTH_LDAP_GROUP_SEARCH = ldap_config.LDAPSearch(
    get_environment_variable("LDAP_GROUP_SEARCH_DN"), ldap.SCOPE_SUBTREE)
AUTH_LDAP_GROUP_TYPE = getattr(
    ldap_config,
    get_environment_variable("LDAP_GROUP_TYPE",
                             default_value="NestedGroupOfNamesType"))()

AUTH_LDAP_FIND_GROUP_PERMS = True
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 300
AUTH_LDAP_MIRROR_GROUPS = True

Ejemplo n.º 3
0
        ldap_conn_options = json.loads(ldap_conn_options)
        for option_name in ldap_conn_options:
            option = getattr(ldap, option_name)
            AUTH_LDAP_CONNECTION_OPTIONS[option] = ldap_conn_options[
                option_name]

    AUTH_LDAP_BIND_DN = config.get_string('POLYAXON_AUTH_LDAP_BIND_DN',
                                          is_optional=True)
    AUTH_LDAP_BIND_PASSWORD = config.get_string(
        'POLYAXON_AUTH_LDAP_BIND_PASSWORD', is_secret=True, is_optional=True)
    base_dn = config.get_string('POLYAXON_AUTH_LDAP_USER_SEARCH_BASE_DN',
                                is_optional=True)
    filterstr = config.get_string('POLYAXON_AUTH_LDAP_USER_SEARCH_FILTERSTR',
                                  is_optional=True)
    if base_dn and filterstr:
        AUTH_LDAP_USER_SEARCH = django_auth_ldap_config.LDAPSearch(
            base_dn, ldap.SCOPE_SUBTREE, filterstr)

    AUTH_LDAP_USER_DN_TEMPLATE = config.get_string(
        'POLYAXON_AUTH_LDAP_USER_DN_TEMPLATE', is_optional=True)

    AUTH_LDAP_START_TLS = config.get_boolean('POLYAXON_AUTH_LDAP_START_TLS',
                                             is_optional=True)

    user_attr_map = config.get_string('POLYAXON_AUTH_LDAP_USER_ATTR_MAP',
                                      is_optional=True)
    if user_attr_map:
        AUTH_LDAP_USER_ATTR_MAP = json.loads(user_attr_map)

    # working with groups
    group_base_dn = config.get_string(
        'POLYAXON_AUTH_LDAP_GROUP_SEARCH_BASE_DN', is_optional=True)
Ejemplo n.º 4
0
    }
})

EMAIL_USE_SSL = env("DJANGO_EMAIL_USE_SSL", cast=bool, default=False)

if DEBUG:
    INSTALLED_APPS += (
        "sslserver",
    )

AUTH_LDAP_SERVER_URI = env("LDAP_SERVER_URL")
AUTH_LDAP_BIND_DN = env("LDAP_BIND_DN")
AUTH_LDAP_BIND_PASSWORD = env("LDAP_BIND_PASSWORD")
AUTH_LDAP_USER_SEARCH = ldap_config.LDAPSearch(
    env("LDAP_USER_SEARCH_DN"),
    ldap.SCOPE_SUBTREE,
    env("LDAP_USER_SEARCH_FILTERSTR")
)
AUTH_LDAP_GROUP_SEARCH = ldap_config.LDAPSearch(
    env("LDAP_GROUP_SEARCH_DN"),
    ldap.SCOPE_SUBTREE,
)
AUTH_LDAP_GROUP_TYPE = GeonodeNestedGroupOfNamesType()
AUTH_LDAP_USER_ATTR_MAP = {
    "first_name": "cn",
    "last_name": "sn"
}
AUTH_LDAP_FIND_GROUP_PERMS = True
AUTH_LDAP_MIRROR_GROUPS_EXCEPT = [
    "test_group"
]
Ejemplo n.º 5
0
 def AUTH_LDAP_GROUP_SEARCH(self):
     auth_ldap_group_search_dn = get('AUTH_LDAP_GROUP_SEARCH_DN', '')
     return config.LDAPSearch(auth_ldap_group_search_dn, ldap.SCOPE_SUBTREE,
                              "(objectClass=posixGroup)")
Ejemplo n.º 6
0
 def AUTH_LDAP_USER_SEARCH(self):
     auth_ldap_user_search_dn = get('AUTH_LDAP_USER_SEARCH_DN', '')
     return config.LDAPSearch(auth_ldap_user_search_dn, ldap.SCOPE_SUBTREE,
                              "(uid=%(user)s)")