Пример #1
0
 def __init__(self,
              context_source=None,
              user_dn_patterns="uid={0},ou=people",
              password_attr_name="userPassword"):
     self.context_source = context_source
     self.user_dn_patterns = user_dn_patterns
     self.password_attr_name = password_attr_name
     self.encoder = LdapShaPasswordEncoder()
     self.logger = logging.getLogger(
         "springpython.security.providers.Ldap.PasswordComparisonAuthenticator"
     )
Пример #2
0
class PasswordComparisonAuthenticator(object):
    """
    This ldap authenticator uses string comparison to confirm the user's password. This means a password encoder must
    be provided, or the default LdapShaPasswordEncoder will be used. It searched for the user's entry, fetches the
    password, and then does a string comparison to confirm the password.
    """
    def __init__(self,
                 context_source=None,
                 user_dn_patterns="uid={0},ou=people",
                 password_attr_name="userPassword"):
        self.context_source = context_source
        self.user_dn_patterns = user_dn_patterns
        self.password_attr_name = password_attr_name
        self.encoder = LdapShaPasswordEncoder()
        self.logger = logging.getLogger(
            "springpython.security.providers.Ldap.PasswordComparisonAuthenticator"
        )

    def authenticate(self, authentication):
        """
        Using the user_dn_patterns, find the user's entry, and then retrieve the password field. Encode the supplied
        password with the necessary hasher, and compare to the entry.
        """

        username = self.user_dn_patterns.replace("{0}",
                                                 authentication.username)
        baseDn = self.context_source.base()

        parts = username.split(",")

        if len(parts) > 1:
            username = parts[0]
            baseDn = ",".join(parts[1:]) + "," + baseDn

        (host, port) = self.context_source.server()
        self.logger.debug("Opening connection to server %s/%s" %
                          (host, int(port)))
        l = ldap.open(host, int(port))

        self.logger.debug("Searching for %s in %s" % (username, baseDn))
        result_set = l.search_s(baseDn, ldap.SCOPE_SUBTREE, username, None)

        if len(result_set) != 1:
            raise BadCredentialsException(
                "Found %s entries at %s/%s. Should only be 1." %
                (len(result_set), baseDn, username))

        self.logger.debug("Looking for attributes...%s" % result_set[0][1])
        stored_password = result_set[0][1][self.password_attr_name.lower()][0]
        self.logger.debug("Comparing passwords...")

        if self.encoder.isPasswordValid(stored_password,
                                        authentication.password, None):
            self.logger.debug("Successfully matched passwords!")
            return (result_set[0], l)
        else:
            raise BadCredentialsException("Invalid password")
Пример #3
0
class PasswordComparisonAuthenticator(object):
    """
    This ldap authenticator uses string comparison to confirm the user's password. This means a password encoder must
    be provided, or the default LdapShaPasswordEncoder will be used. It searched for the user's entry, fetches the
    password, and then does a string comparison to confirm the password.
    """

    def __init__(self, context_source=None, user_dn_patterns="uid={0},ou=people", password_attr_name="userPassword"):
        self.context_source = context_source
        self.user_dn_patterns = user_dn_patterns
        self.password_attr_name = password_attr_name
        self.encoder = LdapShaPasswordEncoder()
        self.logger = logging.getLogger("springpython.security.providers.Ldap.PasswordComparisonAuthenticator")

    def authenticate(self, authentication):
        """
        Using the user_dn_patterns, find the user's entry, and then retrieve the password field. Encode the supplied
        password with the necessary hasher, and compare to the entry.
        """

        username = self.user_dn_patterns.replace("{0}", authentication.username)
        baseDn = self.context_source.base()

        parts = username.split(",")

        if len(parts) > 1:
            username = parts[0]
            baseDn = ",".join(parts[1:]) + "," + baseDn

        (host, port) = self.context_source.server()
        self.logger.debug("Opening connection to server %s/%s" % (host, int(port)))
        l = ldap.open(host, int(port))

        self.logger.debug("Searching for %s in %s" % (username, baseDn))
        result_set = l.search_s(baseDn, ldap.SCOPE_SUBTREE, username, None)

        if len(result_set) != 1:
            raise BadCredentialsException("Found %s entries at %s/%s. Should only be 1." % (len(result_set), baseDn, username))

        self.logger.debug("Looking for attributes...%s" % result_set[0][1])
        stored_password = result_set[0][1][self.password_attr_name.lower()][0]
        self.logger.debug("Comparing passwords...")

        if self.encoder.isPasswordValid(stored_password, authentication.password, None):
            self.logger.debug("Successfully matched passwords!")
            return (result_set[0],l)
        else:
            raise BadCredentialsException("Invalid password")
Пример #4
0
 def __init__(self, context_source=None, user_dn_patterns="uid={0},ou=people", password_attr_name="userPassword"):
     self.context_source = context_source
     self.user_dn_patterns = user_dn_patterns
     self.password_attr_name = password_attr_name
     self.encoder = LdapShaPasswordEncoder()
     self.logger = logging.getLogger("springpython.security.providers.Ldap.PasswordComparisonAuthenticator")