def __init__(self, context_source=None, user_dn_patterns="uid={0},ou=people", password_attr_name="userPassword"): self.context_source = context_source self.user_dn_patterns = user_dn_patterns self.password_attr_name = password_attr_name self.encoder = LdapShaPasswordEncoder() self.logger = logging.getLogger( "springpython.security.providers.Ldap.PasswordComparisonAuthenticator" )
class PasswordComparisonAuthenticator(object): """ This ldap authenticator uses string comparison to confirm the user's password. This means a password encoder must be provided, or the default LdapShaPasswordEncoder will be used. It searched for the user's entry, fetches the password, and then does a string comparison to confirm the password. """ def __init__(self, context_source=None, user_dn_patterns="uid={0},ou=people", password_attr_name="userPassword"): self.context_source = context_source self.user_dn_patterns = user_dn_patterns self.password_attr_name = password_attr_name self.encoder = LdapShaPasswordEncoder() self.logger = logging.getLogger( "springpython.security.providers.Ldap.PasswordComparisonAuthenticator" ) def authenticate(self, authentication): """ Using the user_dn_patterns, find the user's entry, and then retrieve the password field. Encode the supplied password with the necessary hasher, and compare to the entry. """ username = self.user_dn_patterns.replace("{0}", authentication.username) baseDn = self.context_source.base() parts = username.split(",") if len(parts) > 1: username = parts[0] baseDn = ",".join(parts[1:]) + "," + baseDn (host, port) = self.context_source.server() self.logger.debug("Opening connection to server %s/%s" % (host, int(port))) l = ldap.open(host, int(port)) self.logger.debug("Searching for %s in %s" % (username, baseDn)) result_set = l.search_s(baseDn, ldap.SCOPE_SUBTREE, username, None) if len(result_set) != 1: raise BadCredentialsException( "Found %s entries at %s/%s. Should only be 1." % (len(result_set), baseDn, username)) self.logger.debug("Looking for attributes...%s" % result_set[0][1]) stored_password = result_set[0][1][self.password_attr_name.lower()][0] self.logger.debug("Comparing passwords...") if self.encoder.isPasswordValid(stored_password, authentication.password, None): self.logger.debug("Successfully matched passwords!") return (result_set[0], l) else: raise BadCredentialsException("Invalid password")
class PasswordComparisonAuthenticator(object): """ This ldap authenticator uses string comparison to confirm the user's password. This means a password encoder must be provided, or the default LdapShaPasswordEncoder will be used. It searched for the user's entry, fetches the password, and then does a string comparison to confirm the password. """ def __init__(self, context_source=None, user_dn_patterns="uid={0},ou=people", password_attr_name="userPassword"): self.context_source = context_source self.user_dn_patterns = user_dn_patterns self.password_attr_name = password_attr_name self.encoder = LdapShaPasswordEncoder() self.logger = logging.getLogger("springpython.security.providers.Ldap.PasswordComparisonAuthenticator") def authenticate(self, authentication): """ Using the user_dn_patterns, find the user's entry, and then retrieve the password field. Encode the supplied password with the necessary hasher, and compare to the entry. """ username = self.user_dn_patterns.replace("{0}", authentication.username) baseDn = self.context_source.base() parts = username.split(",") if len(parts) > 1: username = parts[0] baseDn = ",".join(parts[1:]) + "," + baseDn (host, port) = self.context_source.server() self.logger.debug("Opening connection to server %s/%s" % (host, int(port))) l = ldap.open(host, int(port)) self.logger.debug("Searching for %s in %s" % (username, baseDn)) result_set = l.search_s(baseDn, ldap.SCOPE_SUBTREE, username, None) if len(result_set) != 1: raise BadCredentialsException("Found %s entries at %s/%s. Should only be 1." % (len(result_set), baseDn, username)) self.logger.debug("Looking for attributes...%s" % result_set[0][1]) stored_password = result_set[0][1][self.password_attr_name.lower()][0] self.logger.debug("Comparing passwords...") if self.encoder.isPasswordValid(stored_password, authentication.password, None): self.logger.debug("Successfully matched passwords!") return (result_set[0],l) else: raise BadCredentialsException("Invalid password")
def __init__(self, context_source=None, user_dn_patterns="uid={0},ou=people", password_attr_name="userPassword"): self.context_source = context_source self.user_dn_patterns = user_dn_patterns self.password_attr_name = password_attr_name self.encoder = LdapShaPasswordEncoder() self.logger = logging.getLogger("springpython.security.providers.Ldap.PasswordComparisonAuthenticator")