Ask Your Question
1

LDAP support

asked 2010-09-27 08:13:37 -0500

Benoit gravatar image Benoit flag of United States
865 22 8 31

updated 2010-09-27 10:55:55 -0500

Evgeny gravatar image Evgeny flag of Chile
11074 50 84 182
http://askbot.org/

Are there plans to support LDAP as a login mechanism?

This is really a pre-requisite when using askbot as an internal corporate Q&A site.

delete close flag offensive retag edit

Comments

Very possible. I'll try to get this to work this week. Thanks. Evgeny ( 2010-09-27 10:55:27 -0500 )edit

1 Answer

Sort by ยป oldest newest most voted
2

answered 2010-10-03 18:42:29 -0500

Evgeny gravatar image Evgeny flag of Chile
11074 50 84 182
http://askbot.org/

Hi Benoit,

I've added experimental LDAP support, however I've only tested in on a "mock" ldap object.

Basically if you go to "settings"->"External keys", check "Use LDAP for password login" and fill out all ldap related fields.

You might need to adjust a function askbot.deps.django_authopenid.util.ldap_check_password as some parameters may need to be changed. If you make this function work on a real LDAP directory, you'll be able to log in via ldap.

def ldap_check_password(username, password):
    import ldap
    try:
        ldap_session = ldap.initialize(askbot_settings.LDAP_URL)
        ldap_session.simple_bind_s(username, password)
        ldap_session.unbind_s()
        return True
    except ldap.LDAPError, e:
        logging.critical(unicode(e))
        return False

If you want to disable other login methods and change looks of the login form, for now you'll have to hack a template askbot/skins/default/templates/authopenid/signin.html

Here is the mock ldap object that I've used to test the LDAP method:

class LDAPError(Exception):
    pass

class LDAP(object):

    def simple_bind_s(self, username, password):
        if username == 'test' and password == 'test':
            return True
        else:
            raise LDAPError('try again')

    def unbind_s(self):
        pass

def initialize(*args):
    return LDAP()
link publish delete flag offensive edit

Comments

As it turns out, our internal LDAP setup is a pain. Ended up hacking the askbot login from authopenid to use the pwd/crypt modules. I can feed you back the changes if you want to provide a unix credentials login mechanism. Benoit ( 2010-10-11 10:49:04 -0500 )edit
Indeed could you somehow send your login code - I'll definitely include the unix credential login option. Either fork on github and add your code or email me at evgeny.fadeev@gmail.com. Thanks. As for LDAP - maybe you needed to create a more elaborate "username" parameter.. Evgeny ( 2010-10-11 11:43:36 -0500 )edit

Your answer

Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Reliable Askbot Hosting

Create your Q&A site at askbot.com. Managed Askbot hosting at just $15/mo. Dedicated hosting, support contracts, consulting services.

create your Q&A site
30 days free trial

Question tools

Follow
1 follower

subscribe to rss feed

Stats

Asked: 2010-09-27 08:13:37 -0500

Seen: 280 times

Last updated: Oct 03 '10

Related questions

Active Directory authentication

Difficult to change password after getting lost-password email

What do you think should be fixed first?

Sending public/private messages between users

What features should be in the API of a Q&A forum?

Add daily reputation cap

Feature request: Add classes to body in default skin

Group Badge Notifications

RSS feeds?

What user moderation tools are necessary?

Copyright Askbot, 2010-2011. Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | give feedback
Powered by Askbot version 0.7.48