def __init__(self,
context_source=None,
user_dn_patterns="uid={0},ou=people",
password_attr_name="userPassword"):
self.context_source = context_source
self.user_dn_patterns = user_dn_patterns
self.password_attr_name = password_attr_name
self.encoder = LdapShaPasswordEncoder()
self.logger = logging.getLogger(
"springpython.security.providers.Ldap.PasswordComparisonAuthenticator"
)
class PasswordComparisonAuthenticator(object):
"""
This ldap authenticator uses string comparison to confirm the user's password. This means a password encoder must
be provided, or the default LdapShaPasswordEncoder will be used. It searched for the user's entry, fetches the
password, and then does a string comparison to confirm the password.
"""
def __init__(self,
context_source=None,
user_dn_patterns="uid={0},ou=people",
password_attr_name="userPassword"):
self.context_source = context_source
self.user_dn_patterns = user_dn_patterns
self.password_attr_name = password_attr_name
self.encoder = LdapShaPasswordEncoder()
self.logger = logging.getLogger(
"springpython.security.providers.Ldap.PasswordComparisonAuthenticator"
)
def authenticate(self, authentication):
"""
Using the user_dn_patterns, find the user's entry, and then retrieve the password field. Encode the supplied
password with the necessary hasher, and compare to the entry.
"""
username = self.user_dn_patterns.replace("{0}",
authentication.username)
baseDn = self.context_source.base()
parts = username.split(",")
if len(parts) > 1:
username = parts[0]
baseDn = ",".join(parts[1:]) + "," + baseDn
(host, port) = self.context_source.server()
self.logger.debug("Opening connection to server %s/%s" %
(host, int(port)))
l = ldap.open(host, int(port))
self.logger.debug("Searching for %s in %s" % (username, baseDn))
result_set = l.search_s(baseDn, ldap.SCOPE_SUBTREE, username, None)
if len(result_set) != 1:
raise BadCredentialsException(
"Found %s entries at %s/%s. Should only be 1." %
(len(result_set), baseDn, username))
self.logger.debug("Looking for attributes...%s" % result_set[0][1])
stored_password = result_set[0][1][self.password_attr_name.lower()][0]
self.logger.debug("Comparing passwords...")
if self.encoder.isPasswordValid(stored_password,
authentication.password, None):
self.logger.debug("Successfully matched passwords!")
return (result_set[0], l)
else:
raise BadCredentialsException("Invalid password")
class PasswordComparisonAuthenticator(object):
"""
This ldap authenticator uses string comparison to confirm the user's password. This means a password encoder must
be provided, or the default LdapShaPasswordEncoder will be used. It searched for the user's entry, fetches the
password, and then does a string comparison to confirm the password.
"""
def __init__(self, context_source=None, user_dn_patterns="uid={0},ou=people", password_attr_name="userPassword"):
self.context_source = context_source
self.user_dn_patterns = user_dn_patterns
self.password_attr_name = password_attr_name
self.encoder = LdapShaPasswordEncoder()
self.logger = logging.getLogger("springpython.security.providers.Ldap.PasswordComparisonAuthenticator")
def authenticate(self, authentication):
"""
Using the user_dn_patterns, find the user's entry, and then retrieve the password field. Encode the supplied
password with the necessary hasher, and compare to the entry.
"""
username = self.user_dn_patterns.replace("{0}", authentication.username)
baseDn = self.context_source.base()
parts = username.split(",")
if len(parts) > 1:
username = parts[0]
baseDn = ",".join(parts[1:]) + "," + baseDn
(host, port) = self.context_source.server()
self.logger.debug("Opening connection to server %s/%s" % (host, int(port)))
l = ldap.open(host, int(port))
self.logger.debug("Searching for %s in %s" % (username, baseDn))
result_set = l.search_s(baseDn, ldap.SCOPE_SUBTREE, username, None)
if len(result_set) != 1:
raise BadCredentialsException("Found %s entries at %s/%s. Should only be 1." % (len(result_set), baseDn, username))
self.logger.debug("Looking for attributes...%s" % result_set[0][1])
stored_password = result_set[0][1][self.password_attr_name.lower()][0]
self.logger.debug("Comparing passwords...")
if self.encoder.isPasswordValid(stored_password, authentication.password, None):
self.logger.debug("Successfully matched passwords!")
return (result_set[0],l)
else:
raise BadCredentialsException("Invalid password")
def __init__(self, context_source=None, user_dn_patterns="uid={0},ou=people", password_attr_name="userPassword"):
self.context_source = context_source
self.user_dn_patterns = user_dn_patterns
self.password_attr_name = password_attr_name
self.encoder = LdapShaPasswordEncoder()
self.logger = logging.getLogger("springpython.security.providers.Ldap.PasswordComparisonAuthenticator")
