Ask Your Question
1

LDAP support

asked 2010-09-27 08:13:37 -0500

Benoit gravatar image

updated 2010-09-27 10:55:55 -0500

Evgeny gravatar image

Are there plans to support LDAP as a login mechanism?

This is really a pre-requisite when using askbot as an internal corporate Q&A site.

edit retag flag offensive close merge delete

Comments

Very possible. I'll try to get this to work this week. Thanks.
Evgeny gravatar imageEvgeny ( 2010-09-27 10:55:27 -0500 )edit

1 Answer

Sort by ยป oldest newest most voted
2

answered 2010-10-03 18:42:29 -0500

Evgeny gravatar image

Hi Benoit,

I've added experimental LDAP support, however I've only tested in on a "mock" ldap object.

Basically if you go to "settings"->"External keys", check "Use LDAP for password login" and fill out all ldap related fields.

You might need to adjust a function askbot.deps.django_authopenid.util.ldap_check_password as some parameters may need to be changed. If you make this function work on a real LDAP directory, you'll be able to log in via ldap.

def ldap_check_password(username, password):
    import ldap
    try:
        ldap_session = ldap.initialize(askbot_settings.LDAP_URL)
        ldap_session.simple_bind_s(username, password)
        ldap_session.unbind_s()
        return True
    except ldap.LDAPError, e:
        logging.critical(unicode(e))
        return False

If you want to disable other login methods and change looks of the login form, for now you'll have to hack a template askbot/skins/default/templates/authopenid/signin.html

Here is the mock ldap object that I've used to test the LDAP method:

class LDAPError(Exception):
    pass

class LDAP(object):

    def simple_bind_s(self, username, password):
        if username == 'test' and password == 'test':
            return True
        else:
            raise LDAPError('try again')

    def unbind_s(self):
        pass

def initialize(*args):
    return LDAP()
edit flag offensive delete link more

Comments

As it turns out, our internal LDAP setup is a pain. Ended up hacking the askbot login from authopenid to use the pwd/crypt modules. I can feed you back the changes if you want to provide a unix credentials login mechanism.
Benoit gravatar imageBenoit ( 2010-10-11 10:49:04 -0500 )edit
Indeed could you somehow send your login code - I'll definitely include the unix credential login option. Either fork on github and add your code or email me at evgeny.fadeev@gmail.com. Thanks. As for LDAP - maybe you needed to create a more elaborate "username" parameter..
Evgeny gravatar imageEvgeny ( 2010-10-11 11:43:36 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2010-09-27 08:13:37 -0500

Seen: 530 times

Last updated: Oct 03 '10