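def get_ldap_connection(pwdfile=False, start_tls=2, decode_ignorelist=None, admin_uldap=False):
    """Open an LDAP connection using the test domain administrator account.

    Candidate servers are taken from UCR: ``ldap/server/name`` first, then
    the whitespace-separated entries of ``ldap/server/addition``. They are
    tried in order and the first one for which ``uldap.access`` succeeds is
    returned.

    Args:
        pwdfile: If true, read the bind password from the file named by the
            UCR variable ``tests/domainadmin/pwdfile``; otherwise take it
            from ``tests/domainadmin/pwd``.
        start_tls: Passed to ``uldap.access`` unchanged.
            NOTE(review): presumably 2 makes StartTLS mandatory; confirm
            against ``uldap.access`` before lowering it.
        decode_ignorelist: Passed to ``uldap.access``; ``None`` is replaced
            by a fresh empty list.
        admin_uldap: If true, wrap the connection with ``access(lo=...)``
            before returning it.

    Returns:
        The ``uldap.access`` object, or the ``access`` wrapper around it
        when ``admin_uldap`` is set.

    Raises:
        ldap.SERVER_DOWN: If no server is configured or every attempt
            raised ``ldap.SERVER_DOWN``.
    """
    if decode_ignorelist is None:
        decode_ignorelist = []

    ucr = univention.config_registry.ConfigRegistry()
    ucr.load()

    port = int(ucr.get('ldap/server/port', 7389))
    binddn = ucr.get('tests/domainadmin/account', 'uid=Administrator,cn=users,%s' % ucr['ldap/base'])

    ldapServers = []
    if ucr['ldap/server/name']:
        ldapServers.append(ucr['ldap/server/name'])
    # The guard and the read must use the same key. The previous code tested
    # 'ldap/servers/addition' but split 'ldap/server/addition', so the two
    # could disagree (list silently skipped, or .split() on a missing value).
    additional_servers = ucr.get('ldap/server/addition')
    if additional_servers:
        ldapServers.extend(additional_servers.split())

    # bindpw is the domain administrator secret; keep it out of log output.
    if pwdfile:
        with open(ucr['tests/domainadmin/pwdfile']) as f:
            bindpw = f.read().strip('\n')
    else:
        bindpw = ucr['tests/domainadmin/pwd']

    for ldapServer in ldapServers:
        try:
            lo = uldap.access(
                host=ldapServer,
                port=port,
                base=ucr['ldap/base'],
                binddn=binddn,
                bindpw=bindpw,
                start_tls=start_tls,
                decode_ignorelist=decode_ignorelist,
                follow_referral=True,
            )
            if admin_uldap:
                lo = access(lo=lo)
            return lo
        except ldap.SERVER_DOWN:
            # Catch the class, not an instance: 'except ldap.SERVER_DOWN()'
            # raises TypeError on Python 3 as soon as a server is actually
            # down, which defeated the fall-through to the next server.
            continue

    raise ldap.SERVER_DOWN()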
def test_authenticate_with_server_down(self):
    """Testing ActiveDirectoryBackend.authenticate with Server Down error
    """
    # Every bind attempt on the fake LDAP object raises SERVER_DOWN.
    bind_failure = kgb.SpyOpRaise(ldap.SERVER_DOWN())
    self.spy_on(TestLDAPObject.simple_bind_s,
                owner=TestLDAPObject,
                op=bind_failure)

    # The search spy returns a usable entry, so the final assertion can
    # tell whether search_s was reached at all.
    directory_entry = (
        'CN=Test User,OU=MyOrg,DC=example,DC=com',
        {
            'givenName': [b'Test'],
            'sn': [b'User'],
            'mail': [b'*****@*****.**'],
        },
    )
    self.spy_on(TestLDAPObject.search_s,
                owner=TestLDAPObject,
                op=kgb.SpyOpReturn([directory_entry]))

    authenticated = self.backend.authenticate(request=None,
                                              username='******',
                                              password='******')

    # A failed bind must yield no user and must not be followed by a
    # directory search.
    self.assertIsNone(authenticated)
    self.assertSpyCalledWith(TestLDAPObject.simple_bind_s,
                             '*****@*****.**',
                             'test-pass')
    self.assertSpyNotCalled(TestLDAPObject.search_s)
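def get_ldap_connection(admin_uldap=False, primary=False):
    # type: (Optional[bool], Optional[bool]) -> access
    """Open an LDAP connection with the UCS test domain admin credentials.

    Args:
        admin_uldap: If true, wrap the connection with ``access(lo=...)``
            before returning it.
        primary: If true, only the server named by the UCR variable
            ``ldap/master`` is tried, on ``ldap/master/port``. Otherwise
            ``ldap/server/name`` is tried first, followed by the
            whitespace-separated entries of ``ldap/server/addition``, all
            on ``ldap/server/port``.

    Returns:
        The ``uldap.access`` object, or the ``access`` wrapper around it
        when ``admin_uldap`` is set.

    Raises:
        ldap.SERVER_DOWN: If no server is configured or every attempt
            raised ``ldap.SERVER_DOWN``.
    """
    ucr = UCR
    ucr.load()

    if primary:
        port = int(ucr.get('ldap/master/port', 7389))
        ldap_servers = [ucr['ldap/master']]
    else:
        port = int(ucr.get('ldap/server/port', 7389))
        ldap_servers = []
        if ucr['ldap/server/name']:
            ldap_servers.append(ucr['ldap/server/name'])
        # The guard and the read must use the same key. The previous code
        # tested 'ldap/servers/addition' but split 'ldap/server/addition',
        # so the two could disagree (list silently skipped, or .split() on
        # a missing value).
        additional_servers = ucr.get('ldap/server/addition')
        if additional_servers:
            ldap_servers.extend(additional_servers.split())

    creds = UCSTestDomainAdminCredentials()

    for ldap_server in ldap_servers:
        try:
            # NOTE(review): start_tls=2 is passed as-is; presumably it makes
            # StartTLS mandatory, so the admin bind is not sent in clear.
            # Confirm against uldap.access before changing it.
            lo = uldap.access(
                host=ldap_server,
                port=port,
                base=ucr['ldap/base'],
                binddn=creds.binddn,
                bindpw=creds.bindpw,
                start_tls=2,
                decode_ignorelist=[],
                follow_referral=True,
            )
            if admin_uldap:
                lo = access(lo=lo)
            return lo
        except ldap.SERVER_DOWN:
            # Unreachable server: fall through to the next candidate.
            continue

    raise ldap.SERVER_DOWN()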
def test_search_on_server_down_error(self):
    """search() yields an empty list when every search raises SERVER_DOWN."""
    server_down = ldap.SERVER_DOWN('moo')
    self.ldap_obj.search_ext_s.side_effect = server_down
    self.ldap_client.set_up()

    found = self.ldap_client.search('foo')

    # The error is absorbed by the client rather than propagated.
    self.assertEqual(found, [])
    # Exactly two connection objects and two search attempts are expected;
    # presumably the initial try plus one reconnect-and-retry (confirm
    # against the client implementation).
    self.assertEqual(2, self.ldap_obj_factory.call_count)
    self.assertEqual(2, self.ldap_obj.search_ext_s.call_count)
def test_no_ldap_connection_responds_with_504():
    """A login attempt answers with status 504 when the LDAP bind raises SERVER_DOWN."""
    server_down = ldap.SERVER_DOWN({'desc': "Can't contact LDAP server"})
    mock_ldap, mock_initialize = _mock_bad_ldap_bind(exception=server_down)

    response, _body = _send_good_login()

    # One connection and one bind attempt were made with the submitted
    # credentials before the failure was reported.
    mock_ldap.initialize.assert_called_once()
    mock_initialize.simple_bind_s.assert_called_once_with(
        'cn=pads,dc=localhost',
        'letmein',
    )
    # An unreachable directory is reported as a gateway error rather than
    # as a failed or successful login.
    assert response['status'] == '504'
def connect(self):
    """Bind to the configured LDAP server and store the handle on ``self.con``.

    The URI is assembled from ``settings.LDAP_PROTO``, ``settings.LDAP_HOST``
    and ``settings.LDAP_PORT``; the bind uses ``settings.LDAP_BIND_DN`` and
    ``settings.LDAP_BIND_DN_CREDENTIAL``.

    Raises:
        ldap.SERVER_DOWN: Raised again with an operator-facing message when
            the bind fails because the server cannot be contacted.
    """
    uses_ldaps = settings.LDAP_PROTO == 'ldaps'
    if uses_ldaps:
        # NOTE(review): OPT_X_TLS_NEVER switches off server certificate
        # checking. The ldaps channel is still encrypted, but the peer is
        # not authenticated, so the bind DN credential sent below can be
        # captured by anyone able to impersonate the server. The option is
        # set on the ldap module, not on this connection, so it presumably
        # applies to other connections in the process too. Preferred
        # hardening: ldap.OPT_X_TLS_DEMAND together with a trusted CA file
        # (ldap.OPT_X_TLS_CACERTFILE).
        ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)

    server_uri = settings.LDAP_PROTO + '://' + settings.LDAP_HOST + ':' + settings.LDAP_PORT
    self.con = ldap.initialize(server_uri)

    bind_dn = settings.LDAP_BIND_DN
    bind_secret = settings.LDAP_BIND_DN_CREDENTIAL
    try:
        self.con.simple_bind_s(bind_dn, bind_secret)
    except ldap.SERVER_DOWN:
        # Replace the library's error payload with a message meant for the
        # person running the application.
        raise ldap.SERVER_DOWN(
            'The LDAP library can’t contact the LDAP server. Contact the admin.'
        )
def test_no_ldap_connection_preserves_redirect_in_form():
    """The login form re-rendered after SERVER_DOWN keeps the requested redirect."""
    server_down = ldap.SERVER_DOWN({'desc': "Can't contact LDAP server"})
    mock_ldap, mock_initialize = _mock_bad_ldap_bind(exception=server_down)

    _response, content = _send_good_login(redirect='/baz')

    mock_ldap.initialize.assert_called_once()
    mock_initialize.simple_bind_s.assert_called_once_with(
        'cn=pads,dc=localhost',
        'letmein',
    )
    # The user sees a generic outage message (no LDAP error detail) and the
    # form still carries the original redirect target.
    expected_message = (
        'Unable to reach authorization provider, '
        'please contact your administrator'
    )
    _assert_form(content, expected_message, redirect='/baz')
def test_when_tiddlyspace_mode_configured_no_ldap_connection_returns_form_with_csrf_token():
    """The login form re-rendered after SERVER_DOWN is checked with the CSRF form helper."""
    server_down = ldap.SERVER_DOWN({'desc': "Can't contact LDAP server"})
    mock_ldap, mock_initialize = _mock_bad_ldap_bind(exception=server_down)

    _response, content = _send_good_login()

    mock_ldap.initialize.assert_called_once()
    mock_initialize.simple_bind_s.assert_called_once_with(
        'cn=pads,dc=localhost',
        'letmein',
    )
    # The error path must not drop the anti-CSRF token from the form;
    # _assert_csrf_form presumably verifies its presence (helper not
    # visible here).
    expected_message = (
        'Unable to reach authorization provider, '
        'please contact your administrator'
    )
    _assert_csrf_form(content, expected_message)
def _authenticate_ldap(self, *a, **k):
    """Stand-in authenticator that always fails with ``ldap.SERVER_DOWN``.

    All positional and keyword arguments are accepted and ignored.
    """
    unreachable = ldap.SERVER_DOWN("Unable to connect")
    raise unreachable
def _bind_fails2(self, who='', cred='', **kw):
    """Stand-in bind that ignores its arguments and raises ``ldap.SERVER_DOWN``."""
    connection_error = ldap.SERVER_DOWN('LDAP connection invalid')
    raise connection_error
def _bind_fails2(self, who='', cred='', **kw):
    """Stand-in bind that records the attempt, then raises ``ldap.SERVER_DOWN``.

    The module-level ``_CALL_COUNTER`` is incremented before the exception
    is raised, so callers can check how many bind attempts were made.
    """
    global _CALL_COUNTER
    _CALL_COUNTER = _CALL_COUNTER + 1
    connection_error = ldap.SERVER_DOWN('I am down')
    raise connection_error