class LDAPAuthMiddleware(SessionUserMiddleware):
"""
Middleware automatically installed by
:meth:`get_middleware_classes <lino.site.Site.get_middleware_classes>`
when
- :setting:`user_model` is not None
- :setting:`remote_user_header` is None
- :setting:`ldap_auth_server` is not None
Using this requires
`activedirectory <https://github.com/theatlantic/python-active-directory>`_.
Thanks to Josef Kejzlar for the initial implementation.
"""
def __init__(self):
from activedirectory import Client, Creds
from activedirectory.core.exception import Error
server_spec = settings.SITE.ldap_auth_server
if isinstance(server_spec, six.string_types):
server_spec = server_spec.split()
self.domain = server_spec[0]
self.server = server_spec[1]
self.creds = Creds(domain)
def check_password(self, username, password):
try:
self.creds.acquire(username, password, server=self.server)
return True
except Exception as e:
pass
return False
def authenticate(self,
username,
password=SessionUserMiddleware.NOT_NEEDED,
from_session=False):
if not from_session and username and password != SessionUserMiddleware.NOT_NEEDED:
if not self.check_password(username, password):
return None
return SessionUserMiddleware.authenticate(
username, SessionUserMiddleware.NOT_NEEDED)
def get_user_from_request(self, request):
user = self.authenticate(request.session.get('username'),
request.session.get('password'), True)
if user is None:
logger.debug("Login failed from session %s", request.session)
user = AnonymousUser.instance()
return user
class LDAPAuthMiddleware(SessionUserMiddleware):
"""
Middleware automatically installed by
:meth:`get_middleware_classes <lino.site.Site.get_middleware_classes>`
when
- :setting:`user_model` is not None
- :setting:`remote_user_header` is None
- :setting:`ldap_auth_server` is not None
Using this requires
`activedirectory <https://github.com/theatlantic/python-active-directory>`_.
Thanks to Josef Kejzlar for the initial implementation.
"""
def __init__(self):
from activedirectory import Client, Creds
from activedirectory.core.exception import Error
server_spec = settings.SITE.ldap_auth_server
if isinstance(server_spec, basestring):
server_spec = server_spec.split()
self.domain = server_spec[0]
self.server = server_spec[1]
self.creds = Creds(domain)
def check_password(self, username, password):
try:
self.creds.acquire(username, password, server=self.server)
return True
except Exception as e:
pass
return False
def authenticate(self, username, password=SessionUserMiddleware.NOT_NEEDED, from_session=False):
if not from_session and username and password != SessionUserMiddleware.NOT_NEEDED:
if not self.check_password(username, password):
return None
return SessionUserMiddleware.authenticate(username, SessionUserMiddleware.NOT_NEEDED)
def get_user_from_request(self, request):
user = self.authenticate(request.session.get('username'),
request.session.get('password'), True)
if user is None:
logger.debug("Login failed from session %s", request.session)
user = AnonymousUser.instance()
return user
def __init__(self):
from activedirectory import Client, Creds
from activedirectory.core.exception import Error
server_spec = settings.SITE.ldap_auth_server
if isinstance(server_spec, six.string_types):
server_spec = server_spec.split()
self.domain = server_spec[0]
self.server = server_spec[1]
self.creds = Creds(domain)
def __init__(self):
from activedirectory import Client, Creds
from activedirectory.core.exception import Error
server_spec = settings.SITE.ldap_auth_server
if isinstance(server_spec, basestring):
server_spec = server_spec.split()
self.domain = server_spec[0]
self.server = server_spec[1]
self.creds = Creds(domain)
from __future__ import print_function
from activedirectory import Client, Creds, activate
domain = 'freeadi.org'
creds = Creds(domain)
creds.load()
activate(creds)
client = Client(domain)
users = client.search('(objectClass=user)', scheme='gc')
for dn, attrs in users:
name = attrs['sAMAccountName'][0]
domain = client.domain_name_from_dn(dn)
print('-> %s (%s)' % (name, domain))
from activedirectory import Client, Creds, activate
domain = 'freeadi.org'
user = '******'
password = '******'
creds = Creds(domain)
creds.acquire(user, password)
activate(creds)
client = Client(domain)
users = client.search('(objectClass=user)')
for dn, attrs in users:
name = attrs['sAMAccountName'][0]
print '-> %s' % name
from activedirectory import Client, Creds, Locator, activate
domain = 'freeadi.org'
user = '******'
password = '******'
creds = Creds(domain)
creds.acquire(user, password)
activate(creds)
locator = Locator()
pdc = locator.locate(domain, role='pdc')
client = Client(domain)
users = client.search('(objectClass=user)', server=pdc)
for dn,attrs in users:
name = attrs['sAMAccountName'][0]
print '-> %s' % name
from activedirectory import Client, Creds, activate
domain = 'freeadi.org'
creds = Creds(domain)
creds.load()
activate(creds)
client = Client(domain)
users = client.search('(objectClass=user)', scheme='gc')
for dn,attrs in users:
name = attrs['sAMAccountName'][0]
domain = client.domain_name_from_dn(dn)
print '-> %s (%s)' % (name, domain)
