def __load_ldap_connection(self, ldap): try: if self.config.__getattribute__(ldap).is_active: from gluon.contrib.login_methods.ldap_auth import ldap_auth if self.config.auth.auth_local_database: self.auth.settings.login_methods.append( ldap_auth( mode=self.config.__getattribute__(ldap).mode, secure=self.config.__getattribute__(ldap).secure, server=self.config.__getattribute__(ldap).server, port=self.config.__getattribute__(ldap).port, base_dn=self.config.__getattribute__(ldap).base_dn, allowed_groups=self.config.__getattribute__(ldap).allowed_groups, group_dn=self.config.__getattribute__(ldap).group_dn, group_name_attrib=self.config.__getattribute__(ldap).group_name_attrib, group_member_attrib=self.config.__getattribute__(ldap).group_member_attrib, group_filterstr=self.config.__getattribute__(ldap).group_filterstr, manage_user=True, user_firstname_attrib="cn:1", user_lastname_attrib="cn:2", user_mail_attrib="mail", db=self.db, ) ) else: self.auth.settings.login_methods = [ ( ldap_auth( mode=self.config.__getattribute__(ldap).mode, secure=self.config.__getattribute__(ldap).secure, server=self.config.__getattribute__(ldap).server, port=self.config.__getattribute__(ldap).port, base_dn=self.config.__getattribute__(ldap).base_dn, allowed_groups=self.config.__getattribute__(ldap).allowed_groups, group_dn=self.config.__getattribute__(ldap).group_dn, group_name_attrib=self.config.__getattribute__(ldap).group_name_attrib, group_member_attrib=self.config.__getattribute__(ldap).group_member_attrib, group_filterstr=self.config.__getattribute__(ldap).group_filterstr, manage_user=True, user_firstname_attrib="cn:1", user_lastname_attrib="cn:2", user_mail_attrib="mail", db=self.db, ) ) ] except Exception as e: # from log import logger # logger.warning("Not possible to connect to LDAP.") raise PRETTYHTTP(500, e)
# -*- coding: utf-8 -*- from gluon.tools import Auth, Service, PluginManager from gluon.contrib.login_methods.ldap_auth import ldap_auth from datetime import * import os db = DAL("postgres://*****:*****@localhost/cbvusb") auth = Auth(db, host_names=myconf.get('host.names')) service = Service() plugins = PluginManager() auth.settings.login_methods.append( ldap_auth(server='bomberos.usb.ve', base_dn='ou=users,dc=bomberos,dc=usb,dc=ve')) auth.settings.table_user_name = 'usuario' auth.settings.extra_fields['usuario'] = [ Field('disable', type='boolean', default=False), Field('confirmed', type='boolean', default=False) ] auth.define_tables(username=True, signature=False, migrate="db.usuario") auth.settings.create_user_groups = None auth.settings.actions_disabled.append('register') #auth.settings.actions_disabled.append('request_reset_password') # ------------------------------------------------------------------------- # create all tables needed by auth if not custom tables # -------------------------------------------------------------------------
current.proj = proj ## create all tables needed by auth if not custom tables auth.define_tables(username=True, signature=False) auth.settings.actions_disabled = [ 'register', 'retrieve_username', 'profile', 'lost_password' ] db.auth_user.username.label = 'CPF' from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods=[ldap_auth(mode='uid', server='ldap.unirio.br', base_dn='ou=people,dc=unirio,dc=br')] db.define_table( 'edicao', Field('nome', 'string', notnull=True, required=True, label='Edital*'), Field('dt_inicial', 'date', notnull=True, required=True, label='Data inicial de registro*'), Field('dt_conclusao', 'date', notnull=True, required=True, label="Data final de registro*"), Field('dt_inicial_projeto', 'date', notnull=True, required=True, label='Data inicial do projeto*'), Field('dt_conclusao_projeto', 'date', notnull=True, required=True, label="Data final do projeto*"), Field('dt_inicial_bolsistas', 'date', notnull=True, required=True, label="Data inicial de registro de bolsistas"), Field('dt_conclusao_bolsistas', 'date', required=True, label="Data final de registro de bolsistas"), Field('disciplinas_obrigatorias', 'boolean', notnull=True, required=True, label='Mostrar somente disciplinas obrigatórias?*') ) db.define_table( 'projetos',
## >>> db.define_table('mytable',Field('myfield','string')) ## ## Fields can be 'string','text','password','integer','double','boolean' ## 'date','time','datetime','blob','upload', 'reference TABLENAME' ## There is an implicit 'id integer autoincrement' field ## Consult manual for more options, validators, etc. ## ## More API examples for controllers: ## ## >>> db.mytable.insert(myfield='value') ## >>> rows=db(db.mytable.myfield=='value').select(db.mytable.ALL) ## >>> for row in rows: print row.id, row.myfield ######################################################################### import applications.controlies.modules.LdapConnection as LdapConnection auth.settings.login_methods=[ldap_auth( server='localhost', base_dn='ou=People,dc=instituto,dc=extremadura,dc=es',secure=LdapConnection.ldap_secure,cert_path=LdapConnection.ldap_cert,mode='cn')] ######################################################### # # Global functions # ######################################################### prod = cache.ram('prod', lambda : bool(os.environ.get('PRODUCTION')), time_expire=5000) if prod == False: # # Development environment # log_level = logging.DEBUG
from gluon import current from gluon.contrib.login_methods.ldap_auth import ldap_auth from gluon.tools import Auth, Service, Crud from datetime import datetime # Dummy code to enable code completion in IDE's. Can be removed at production apps if 0: datasource = DAL() current.datasource = datasource current.db = db auth = Auth(globals(), db) # authentication/authorization auth.settings.login_methods = [ ldap_auth(mode='uid', server='ldap.unirio.br', base_dn='ou=people,dc=unirio,dc=br') ] crud = Crud(globals(), db) # for CRUD helpers using auth service = Service(globals()) # for json, xml, jsonrpc, xmlrpc, amfrpc # # create all tables needed by auth if not custom tables auth.define_tables(username=True) auth.settings.everybody_group_id = 6 auth.settings.create_user_groups = False auth.settings.actions_disabled = [ 'register', 'retrieve_username', 'profile', 'lost_password' ] db.auth_user.username.label = 'CPF'
Field('userid', 'string', required=True, unique=True), Field('email', 'string', requires=IS_EMAIL()), Field('faculty_privileges', 'integer', requires=IS_INT_IN_RANGE(0,1)), Field('password', 'string', required=True), Field('request_time', 'integer', requires=IS_INT_IN_RANGE(0,1)), Field('approval_status', 'integer') ) db.define_table('clone_requests', Field('id', 'integer'), Field('user', 'string', required=True), Field('vm_id', 'string', required=True), Field('clone_name', 'string'), Field('full_clone', 'integer', requires=IS_INT_IN_RANGE(0,1)), Field('request_time', 'integer', requires=IS_INT_IN_RANGE(0,1)), Field('status', 'integer') ) auth = Auth(db) auth.define_tables(username=True) auth.settings.login_methods.append(ldap_auth(mode='custom', username_attrib='uid', custom_scope='subtree', server=ldap_host, base_dn=ldap_dn)) auth.settings.create_user_groups = False auth.settings.login_onaccept = [login_callback] #auth.settings.login_url = '/baadal/user/login.html' auth.settings.remember_me_form = False auth.settings.logout_next = '/baadal/default/user/login' auth.settings.login_next = '/baadal/user/index' #auth.settings.on_failed_authorization = '/baadal/default/404.html'
auth.signature, format='%(eventName)s') db.define_table('userTag', Field('auth_user', db.auth_user, readable=False, writable=False), Field('tag', db.tag)) db.define_table('eventTag', Field('tag', db.tag), Field('events', db.events)) ## Fields can be 'string','text','password','integer','double','boolean' ## 'date','time','datetime','blob','upload', 'reference TABLENAME' ## There is an implicit 'id integer autoincrement' field ## Consult manual for more options, validators, etc. ## ## More API examples for controllers: ## ## >>> db.mytable.insert(myfield='value') ## >>> rows=db(db.mytable.myfield=='value').select(db.mytable.ALL) ## >>> for row in rows: print row.id, row.myfield ######################################################################### ## after defining tables, uncomment below to enable auditing # auth.enable_record_versioning(db) from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods.append(ldap_auth(mode='uid_r', server='ldap.iiit.ac.in', manage_user=True, base_dn='OU=Users,DC=iiit,DC=ac,DC=in', logging_level='debug', user_firstname_attrib='cn:1',user_lastname_attrib='cn:2',user_mail_attrib='mail',db=db))
if settings.login_method == 'local' or settings.login_method == 'ldap': auth = Auth(db) elif settings.login_method == 'ldap': from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods=[(ldap_auth( mode=settings.ldap_mode, secure=settings.ldap_secure, server=settings.ldap_server, port=settings.ldap_port, base_dn=settings.ldap_base_dn, allowed_groups = settings.ldap_allowed_groups, group_dn = settings.ldap_group_dn, group_name_attrib = settings.ldap_group_name_attrib, group_member_attrib = settings.ldap_group_member_attrib, group_filterstr = settings.ldap_group_filterstr ))] elif settings.login_method == 'CAS': auth = Auth(db,cas_provider = settings.cas_provider) auth.settings.cas_actions['login']=settings.cas_actions_login auth.settings.cas_actions['validate']=settings.cas_actions_validate auth.settings.cas_actions['logout']=settings.cas_actions_logout
######################################################################### ## Prepare Auth ## ## Get auth defined, tables will be added later on ######################################################################### from gluon.tools import Auth from gluon.contrib.login_methods.ldap_auth import ldap_auth auth = Auth(globals(),db) # authentication/authorization auth.settings.create_user_groups = False auth.messages.label_remember_me = "Stay Logged In (for 30 days)" # RIT Ldap auth.settings.login_methods.append(ldap_auth(server='ldap.rit.edu', base_dn='ou=people,dc=rit,dc=edu')) ## Prepare Email System from gluon.tools import Mail mail=Mail() mail.settings.server = 'smtp.gmail.com:587' mail.settings.tls = True mail.settings.sender = '*****@*****.**' mail.settings.login = '******' auth.settings.mailer = mail auth.settings.registration_requires_verification = True auth.settings.registration_requires_approval = False auth.messages.verify_email = """Thanks for joining the innovation community at beta.innovation.rit.edu.
db.define_table( "eventTag", Field("tag", db.tag), Field("isApproved", "integer", readable=False, writable=False, default=0), Field("events", db.events), ) from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods.append( ldap_auth( mode="uid_r", server="ldap.iiit.ac.in", manage_user=True, base_dn="OU=Users,DC=iiit,DC=ac,DC=in", logging_level="debug", user_firstname_attrib="cn:1", user_lastname_attrib="cn:2", user_mail_attrib="mail", db=db, ) ) # ------------------------------------------------------------------------- # Define your tables below (or better in another model file) for example # # >>> db.define_table('mytable', Field('myfield', 'string')) # # Fields can be 'string','text','password','integer','double','boolean' # 'date','time','datetime','blob','upload', 'reference TABLENAME' # There is an implicit 'id integer autoincrement' field
## - services (xml, csv, json, xmlrpc, jsonrpc, amf, rss) ## - old style crud actions ## (more options discussed in gluon/tools.py) ######################################################################### from gluon.tools import Auth, Crud, Service, PluginManager, prettydate, Mail auth = Auth(db) crud, service, plugins = Crud(db), Service(), PluginManager() auth.settings.create_user_groups=False auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username','profile'] auth.settings.remember_me_form = False from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods = [ldap_auth(mode='cn', server='127.0.0.1', port='389', base_dn='DC=tlmariano,DC=com')] ## create all tables needed by auth if not custom tables auth.settings.extra_fields['auth_user']= [ Field("tipo_rede", "string", length=128, default=""), Field("token", "string", length=128, default=""), Field("primeira_vez", "boolean", default=True), ] # creates all needed tables auth.define_tables(username=True, signature=False) if not "auth_user" in db.tables: db.define_table("auth_user",
auth.settings.mailer = mail try: # Allow login with ldap from gluon.contrib.login_methods.ldap_auth import ldap_auth # all we need is login auth.settings.actions_disabled = [ 'register', 'change_password', 'request_reset_password', 'retrieve_username' ] # you don't have to remember me auth.settings.remember_me_form = False # Configura aplicacao para autenticar via LDAP auth.settings.login_methods.append( ldap_auth(db=db, **conf[env]['ldap'])) # redireciona depois do login auth.settings.login_next = URL('projetos') except Exception as e: logger.error(str(e)) # import Gravatar try: from gravatar import Gravatar except ImportError: from gluon.contrib.gravatar import Gravatar # multiples languages if 'siteLanguage' in request.cookies and not ( request.cookies['siteLanguage'] is None): T.force(request.cookies['siteLanguage'].value)
# # configure email mail = auth.settings.mailer # mail.settings.server = 'logging' if request.is_local else 'smtp.gmail.com:587' mail.settings.server = 'smtp.gmail.com:587' # 'logging' mail.settings.sender = '*****@*****.**' # your email mail.settings.login = '******' + emailPass # your credentials or None current.mail = mail # Se a requisição for local, utiliza base auth de teste, caso contrário, utiliza LDAP from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods = [ ldap_auth(mode='uid', server='10.224.16.100', base_dn='ou=people,dc=unirio,dc=br') ] from Servidor import Servidor db.auth_user.username.label = 'CPF' auth.settings.actions_disabled = [ 'register', 'retrieve_username', 'remember_me', 'profile', 'change_password', 'request_reset_password' ] auth.settings.remember_me_form = False # login_next Não está funcionando e segundo a documentação, deveria funcionar auth.settings.login_next = URL('default', 'mensagem') # Faço o redirect para URL acima, no método abaixo auth.settings.login_onaccept = Servidor().getDadosToSession()
######################################################################### ## Define your tables below (or better in another model file) for example ## ## >>> db.define_table('mytable',Field('myfield','string')) ## ## Fields can be 'string','text','password','integer','double','boolean' ## 'date','time','datetime','blob','upload', 'reference TABLENAME' ## There is an implicit 'id integer autoincrement' field ## Consult manual for more options, validators, etc. ## ## More API examples for controllers: ## ## >>> db.mytable.insert(myfield='value') ## >>> rows=db(db.mytable.myfield=='value').select(db.mytable.ALL) ## >>> for row in rows: print row.id, row.myfield ######################################################################### ## after defining tables, uncomment below to enable auditing # auth.enable_record_versioning(db) from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods.append( ldap_auth(mode='uid_r', server='ldap.iiit.ac.in', manage_user=True, base_dn='OU=Users,DC=iiit,DC=ac,DC=in', logging_level='debug', user_firstname_attrib='cn:1', user_lastname_attrib='cn:2', user_mail_attrib='mail', db=db))
response.optimize_js = 'concat,minify,inline' db.define_table('devices',Field('Inventory_Number','string',unique=True),Field('Serial_Number','string'),\ Field('Campus','string'),Field('User','string'),Field('Vendor','string'),Field('Room','string'),\ Field('Network','boolean'),Field('Computer_Present','boolean'),Field('Memo','text')) # Authentication - http://www.web2pyslices.com/slice/show/1468/how-to-set-up-web2py-ldap-with-windows-active-directory from gluon.tools import Auth auth = Auth(db, hmac_key=Auth.get_or_create_key()) auth.define_tables(username=True) auth.settings.create_user_groups=False # all we need is login auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username','profile'] # you don't have to remember me auth.settings.remember_me_form = False # ldap authentication and not save password on web2py from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods = [ldap_auth(mode='ad', allowed_groups = ['Domain Group1','Domain Group2'], bind_dn = 'CN=Admin User,OU=baseou,DC=example,DC=com', bind_pw = 'pass', group_dn = 'OU=Domain Groups,OU=baseou,DC=example,DC=com', group_name_attrib = 'cn', group_member_attrib = 'member', group_filterstr = 'objectClass=Group', server='server.example.com, base_dn='OU=baseou,DC=example,DC=com')] # set Title for all pages response.title = 'Change Me!'
Field('request_time', 'datetime', default=request.now), Field('status', 'integer')) db.define_table('virtual_disk_requests', Field('id', 'integer'), Field('user', 'string', required=True), Field('vmid', 'string', required=True), Field('request_time', 'datetime'), Field('status', 'integer'), Field('disk_size', 'integer')) db.define_table('vm_activity_log', Field('id', 'integer'), Field('vmid', 'string'), Field('user', 'string'), Field('task', 'string'), Field('time', 'datetime'), Field('remarks', 'string')) auth = Auth(db) auth.define_tables(username=True) auth.settings.login_methods.append( ldap_auth(mode='custom', username_attrib='uid', custom_scope='subtree', server=ldap_host, base_dn=ldap_dn)) auth.settings.create_user_groups = False auth.settings.login_onaccept = [login_callback] auth.settings.remember_me_form = False auth.settings.logout_next = '/baadal/default/user/login' auth.settings.login_next = '/baadal/user/index' scheduler = Scheduler(db)
# Conexão com o Banco de Dados if request.is_local: config.db.uri = "postgres:pg8000://matheus:123456@localhost/teste_ldap" else: config.db.uri = "postgres:pg8000://forip:[email protected]/teste_ldap" db = DAL(**config.db) # Importações from gluon.tools import Auth from gluon.contrib.login_methods.ldap_auth import ldap_auth # Login com LDAP # Configuração Auth auth = Auth(db, controller="principal",function="login") auth.settings.create_user_groups=False auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username','profile'] auth.settings.remember_me_form = False auth.settings.login_next = URL(a='teste_ldap', c='principal', f='index') auth.settings.login_methods = [ldap_auth(mode='ad', server='192.168.100.235', base_dn='dc=forip,dc=local')] auth.messages.logged_in = 'Bem Vindo' auth.messages.access_denied = 'Acesso negado! Contate o administrador' auth.messages.invalid_username = '******' auth.messages.invalid_login = '******' auth.messages.invalid_password = '******' auth.messages.login_button = "Entrar" auth.messages.label_email = 'E-mail' auth.messages.label_password = '******'
auth.settings.mailer = mail # Allow login with ldap from gluon.contrib.login_methods.ldap_auth import ldap_auth # all we need is login auth.settings.actions_disabled = [ 'register', 'change_password', 'request_reset_password', 'retrieve_username' ] # you don't have to remember me auth.settings.remember_me_form = False # Configura aplicacao para autenticar via LDAP auth.settings.login_methods.append(ldap_auth(db=db, **LDAP_CONFIG)) # redireciona depois do login auth.settings.login_next = URL('projetos') # import Gravatar try: from gravatar import Gravatar except ImportError: from gluon.contrib.gravatar import Gravatar # multiples languages if 'siteLanguage' in request.cookies and not (request.cookies['siteLanguage'] is None): T.force(request.cookies['siteLanguage'].value)
db.auth_user.categories_review.readable = False db.auth_user.types.requires = IS_IN_DB(db,'rtype.id','rtype.name', multiple=True) db.auth_user.types.widget = SQLFORM.widgets.checkboxes.widget db.auth_user.types.default = lambda : db(db.rtype).select() from gluon import current current.auth = auth current.db = db auth.settings.formstyle = 'bootstrap3_inline' #Active directory UPR from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods.append(ldap_auth(mode='ad', server=myconf.take('ad.server'), base_dn=myconf.take('ad.base_dn'), manage_user=True, user_firstname_attrib='cn:1', user_lastname_attrib='cn:2', user_mail_attrib='mail', db=db)) #Gmail auth from gluon.contrib.login_methods.email_auth import email_auth auth.settings.login_methods.append( email_auth("smtp.gmail.com:587", "@gmail.com ")) #Facebook id and key ''' client_id = "" client_secret = "" auth_url = "" token_url = "" from gluon.contrib.login_methods.oauth20_account import OAuthAccount auth.settings.login_form=OAuthAccount(client_id, client_secret, auth_url, token_url)
config.db.uri = "postgres:pg8000://matheus:123456@localhost/teste_ldap" else: config.db.uri = "postgres:pg8000://forip:[email protected]/teste_ldap" db = DAL(**config.db) # Importações from gluon.tools import Auth from gluon.contrib.login_methods.ldap_auth import ldap_auth # Login com LDAP # Configuração Auth auth = Auth(db, controller="principal", function="login") auth.settings.create_user_groups = False auth.settings.actions_disabled = [ 'register', 'change_password', 'request_reset_password', 'retrieve_username', 'profile' ] auth.settings.remember_me_form = False auth.settings.login_next = URL(a='teste_ldap', c='principal', f='index') auth.settings.login_methods = [ ldap_auth(mode='ad', server='192.168.100.235', base_dn='dc=forip,dc=local') ] auth.messages.logged_in = 'Bem Vindo' auth.messages.access_denied = 'Acesso negado! Contate o administrador' auth.messages.invalid_username = '******' auth.messages.invalid_login = '******' auth.messages.invalid_password = '******' auth.messages.login_button = "Entrar" auth.messages.label_email = 'E-mail' auth.messages.label_password = '******'
# host names must be a list of allowed host names (glob syntax allowed) auth = Auth(db, host_names=configuration.get('host.names')) # ------------------------------------------------------------------------- # create all tables needed by auth, maybe add a list of extra fields # ------------------------------------------------------------------------- auth.settings.extra_fields['auth_user'] = [] auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username','profile', 'retrieve_password'] auth.define_tables(username=True) auth.settings.create_user_groups=False auth.settings.remember_me_form = False from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods.append(ldap_auth(server='192.168.33.253', base_dn='ou=people,dc=example,dc=com', manage_user=True, user_mail_attrib='mail', manage_groups=True ) ) # auth.settings.login_methods.append(ldap_auth(mode='ad', # server='qwdcnet001.QAnets.ISLLCQA.org', # base_dn='DC=qanets,DC=ISLLCQA,DC=org', # manage_user=True, # user_firstname_attrib='cn:1', # user_lastname_attrib='cn:2', # user_mail_attrib='mail', # manage_groups=True, # db=db, # group_dn='DC=qanets,DC=ISLLCQA,DC=org', # group_name_attrib='cn',
handler.setLevel(settings.log_level) logger.addHandler(handler) logger.setLevel(settings.log_level) logger.debug(name + ' logger created') if settings.produccion == True: logger.debug('Server launched in production mode') else: logger.debug('Server launched in developpment mode') return logger settings.logger = get_configured_logger(request.application) settings.title = request.application settings.subtitle = T('Gestión de Alumnado en Centros de Secundaria') settings.author = 'Francisco Mora Sánchez' settings.author_email = '*****@*****.**' settings.keywords = 'disciplina gestion prestamo libros alumnos enseñanza centros secundaria extremadura educacion eso bachillerato evaluación' settings.description = T('Gestión de Alumnado en Centros de Secundaria') settings.layout_theme = 'Default' settings.security_key = 'a098c897-724b-4e05-b2d8-8ee993385ae6' settings.email_server = 'logging' or 'smtp.gmail.com:587' settings.email_sender = '*****@*****.**' settings.email_login = '' settings.login_method = [ldap_auth(mode='uid', server='ldap', base_dn='ou=People,dc=instituto,dc=extremadura,dc=es', allowed_groups=['teachers'], group_dn='ou=Group,dc=instituto,dc=extremadura,dc=es', group_name_attrib='cn', group_member_attrib='memberUid', group_filterstr='objectClass=*')] settings.login_config = ''
## Consult manual for more options, validators, etc. ## ## More API examples for controllers: ## ## >>> db.mytable.insert(myfield='value') ## >>> rows=db(db.mytable.myfield=='value').select(db.mytable.ALL) ## >>> for row in rows: print row.id, row.myfield ######################################################################### import applications.controlies.modules.LdapConnection as LdapConnection #Secure LDAP Auth auth.settings.login_methods = [ ldap_auth(server='localhost', base_dn='ou=People,dc=instituto,dc=extremadura,dc=es', secure=LdapConnection.ldap_secure, cert_path=LdapConnection.ldap_cert, mode='cn') ] #No secure LDAP Auth #auth.settings.login_methods=[ldap_auth( server='localhost', base_dn='ou=People,dc=instituto,dc=extremadura,dc=es',secure=False,mode='cn')] ######################################################### # # Global functions # ######################################################### prod = cache.ram('prod', lambda: bool(os.environ.get('PRODUCTION')),
# all we need is login auth.settings.actions_disabled=["register", "change_password", "request_reset_password", "retrieve_username", "profile"] # you don't have to remember me auth.settings.remember_me_form = False auth.settings.expiration = int(os.environ.get("INVENTORY_SESSION_EXPIRATION", 3600)) # ldap authentication and not save password on web2py auth.settings.login_methods = [ldap_auth( mode="ad", allowed_groups = [g.strip() for g in os.environ["AD_ALLOWED_GROUPS"].split(",")], server=os.environ["AD_HOST"], base_dn=os.environ["AD_BASE_DN"], bind_dn=os.environ["AD_BIND_USER"], bind_pw=os.environ["AD_BIND_PASS"], group_dn=os.environ["AD_GROUP_DN"], group_name_attrib="cn", group_member_attrib="member", group_filterstr="objectClass=Group", )] # set up special user permissions def view_only_create(form): form.errors.Inventory_Number = "User cannot create record" def view_only_update(form): form.errors.Inventory_Number = "User cannot update record" crud = Crud(db)