173da7c9
Commit
173da7c9
authored
Apr 17, 2017
by
Robin Sonnabend
Allow configuration of the LDAP server certificate
parent
8c04d06d
Changes
2
auth.py
import
ldap
import
ldap
import
hmac
,
hashlib
import
hmac
,
hashlib
import
ssl
import
ldap3
import
ldap3
from
ldap3.utils.dn
import
parse_dn
from
ldap3.utils.dn
import
parse_dn
from
datetime
import
datetime
from
datetime
import
datetime
...
@@ -99,8 +100,14 @@ class LdapManager:
...
@@ -99,8 +100,14 @@ class LdapManager:
yield
group
.
cn
.
value
yield
group
.
cn
.
value
class
ADManager
:
class
ADManager
:
def
__init__
(
self
,
host
,
domain
,
user_dn
,
group_dn
,
port
=
636
,
use_ssl
=
True
):
def
__init__
(
self
,
host
,
domain
,
user_dn
,
group_dn
,
self
.
server
=
ldap3
.
Server
(
host
,
port
=
port
,
use_ssl
=
use_ssl
)
port
=
636
,
use_ssl
=
True
,
ca_cert
=
None
):
tls_config
=
ldap3
.
Tls
(
validate
=
ssl
.
CERT_REQUIRED
)
if
ca_cert
is
not
None
:
tls_config
=
ldap3
.
Tls
(
validate
=
ssl
.
CERT_REQUIRED
,
ca_certs_file
=
ca_cert
)
self
.
server
=
ldap3
.
Server
(
host
,
port
=
port
,
use_ssl
=
use_ssl
,
tls
=
tls_config
)
self
.
domain
=
domain
self
.
domain
=
domain
self
.
user_dn
=
user_dn
self
.
user_dn
=
user_dn
self
.
group_dn
=
group_dn
self
.
group_dn
=
group_dn
...
...
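Review bot: In `ADManager.__init__`, `tls_config` is constructed twice; `ca_certs_file` already defaults to `None` in `ldap3.Tls`, so the `if ca_cert is not None:` branch can be replaced by a single `tls_config = ldap3.Tls(validate=ssl.CERT_REQUIRED, ca_certs_file=ca_cert)`. The new parameter should also be documented, for example `# ca_cert: path to a PEM CA bundle used to verify the server certificate; None presumably falls back to the default trust store`. Validation is now always `CERT_REQUIRED` where no `tls` argument was passed before, so a deployment whose directory server uses a private CA will fail to connect until `ca_cert` is set. These TLS settings only apply when `use_ssl=True` or StartTLS is issued; with `use_ssl=False` and no StartTLS (none is visible in this hunk) the bind would still be sent in cleartext to an unverified server. `LdapManager` lies outside the hunk, so whether it received the same validation cannot be confirmed from this page.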
config.py.example
...
@@ -78,7 +78,8 @@ AUTH_BACKENDS = [
...
@@ -78,7 +78,8 @@ AUTH_BACKENDS = [
host="ad.example.com",
host="ad.example.com",
domain="EXAMPLE",
domain="EXAMPLE",
user_dn="cn=users,dc=example,dc=com",
user_dn="cn=users,dc=example,dc=com",
group_dn="dc=example,dc=com")
group_dn="dc=example,dc=com",
ca_cert="/etc/ssl/certs/example-ca.pem")
]
]
# lines of error description
# lines of error description
...
...