def _bind(self):
"""Bind to server
"""
if self._resource.login is None:
pass # no authentication is needed
elif self._resource.auth_method == resource.AUTH_SIMPLE:
log.debug(
"Performing SIMPLE BIND operation to '%s' as '%s'" % (
self._resource.server, self._resource.login))
self._ldapconn.simple_bind_s(
self._resource.login,
self._resource.password
)
elif self._resource.auth_method == resource.AUTH_SASL:
if ldap.SASL_AVAIL:
if self._resource.sasl_method == resource.CRAM_MD5:
auth_tokens = sasl.cram_md5(
self._resource.login,
self._resource.password
)
elif self._resource.sasl_method == resource.DIGEST_MD5:
auth_tokens = sasl.digest_md5(
self._resource.login,
self._resource.password
)
log.debug("Performing SIMPLE BIND operation to '%s'" %
self._resource.server)
self._ldapconn.sasl_interactive_bind_s("", auth_tokens)
else:
raise exceptions.ResourceError(
'python-ldap is built without sasl support')
self._connected = True
def get_conn(self):
conn = self.conn
if conn is None:
import ldap; from ldap import sasl
conn = ldap.initialize(self.ldapuri)
conn.set_option(ldap.OPT_PROTOCOL_VERSION, ldap.VERSION3)
if self.simpleauth:
conn.simple_bind_s(self.binddn, self.credentials)
else:
saslmech = self.saslmech.lower()
if saslmech == 'cram-md5':
auth = sasl.cram_md5(self.authcid, self.credentials, self.authzid)
elif saslmech == 'digest-md5':
auth = sasl.digest_md5(self.authcid, self.credentials, self.authzid)
elif saslmech == 'gssapi':
auth = sasl.gssapi(self.authzid)
elif saslmech == 'external':
auth = sasl.external(self.authzid)
conn.sasl_interactive_bind_s('', auth)
self.conn = conn
return conn
def get_conn(self):
conn = self.conn
if conn is None:
import ldap
from ldap import sasl
conn = ldap.initialize(self.ldapuri)
conn.set_option(ldap.OPT_PROTOCOL_VERSION, ldap.VERSION3)
if self.simpleauth:
conn.simple_bind_s(self.binddn, self.credentials)
else:
saslmech = self.saslmech.lower()
if saslmech == 'cram-md5':
auth = sasl.cram_md5(self.authcid, self.credentials,
self.authzid)
elif saslmech == 'digest-md5':
auth = sasl.digest_md5(self.authcid, self.credentials,
self.authzid)
elif saslmech == 'gssapi':
auth = sasl.gssapi(self.authzid)
elif saslmech == 'external':
auth = sasl.external(self.authzid)
conn.sasl_interactive_bind_s('', auth)
self.conn = conn
return conn
