The first thing is to check that your LDAP server is working and that you can manually query it.
- A good tutorial (in French, unfortunately): http://www-sop.inria.fr/members/Laurent.Mirtain/ldap-livre.html
- Some information: https://sites.google.com/site/openldaptutorial/Home/openldap---beginners
- Basic installation: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-a-basic-ldap-server-on-an-ubuntu-12-04-vps
- Command line: http://www.vinidox.com/ldap/querying-an-ldap-server-from-the-command-line-with-ldap-utils-ldapsearch-ldapadd-ldapmodify/

I was in a similar case a few weeks ago; the process must be done through clear checkpoints:

- set up your LDAP server
- check that you get data you expect using command line
- configure your TG2 application
- check that you can login
- develop code which can use LDAP or Database for authentication

I can't help much more, because I'm in the fourth step (my code is something working but not clearly).

Damien

On Tuesday, February 3, 2015 at 14:42:35 UTC+1, Luca Verardi wrote:
>
> Hello everybody,
>
> I have a question regarding LDAP authentication with TurboGears. For my
> tests I've created a new buildout and used the who_ldap plugin, made by
> (IIRC) Christoph.
>
> The LDAP server itself has a very simple structure:
>
> dc=test,dc=com
>   - cn=admin (default administrator)
>   - cn=luca
>
> I've written my config/app_cfg.py as per the documentation here
> (http://turbogears.readthedocs.org/en/development/cookbook/ldap-auth.html),
> changing only the connection parameters:
>
> base_config.use_sqlalchemy = False
> base_config.sa_auth.cookie_secret = 'secret'
> base_config.auth_backend = 'ldapauth'
>
> ldap_url = 'ldap://127.0.0.1'
> ldap_base_dn = 'dc=test,dc=com'
> ldap_bind_dn = 'dc=test,dc=com'
> ldap_bind_pass = 'adminpass'
>
> ldap_auth = LDAPSearchAuthenticatorPlugin(
>     url=ldap_url,
>     base_dn=ldap_base_dn,
>     bind_dn=ldap_bind_dn,
>     bind_pass=ldap_bind_pass,
>     returned_id='login',
>     naming_attribute='sAMAccountName',
> )
> base_config.sa_auth.authenticators = [('ldapauth', ldap_auth)]
>
> ldap_user_provider = LDAPAttributesPlugin(
>     url=ldap_url, bind_dn=ldap_bind_dn, bind_pass=ldap_bind_pass,
>     name='user',
>     attributes='givenName=first_name,sn=last_name,mail=email_address',
>     flatten=True)
>
> ldap_groups_provider = LDAPGroupsPlugin(
>     url=ldap_url, base_dn=ldap_base_dn,
>     bind_dn=ldap_bind_dn, bind_pass=ldap_bind_pass,
>     filterstr='(&(objectClass=group)(member=%(dn)s))',
>     name='groups',
>     start_tls=True)
>
> I tried authenticating via http://127.0.0.1:8080/login, but got this
> error:
> 12:54:58,023 ERROR [repoze.who] Cannot establish connection
>
> I don't know much about LDAP, but I need it to make 2 different
> authentication systems work with each other.
> How can I solve this?
>
> Best regards
> Luca Verardi
>
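Added example (not part of either message, and not who_ldap or TurboGears code): a stdlib-only Python lint that can be run over the quoted plugin settings between the "check from the command line" and "configure your TG2 application" checkpoints. The dictionary layout, the finding codes and the full entry DNs built from the listed tree are assumptions made for this illustration.

```python
"""Offline lint for who_ldap-style plugin settings (added example)."""
from urllib.parse import urlparse

# Constructed from the settings quoted in the thread; the dict layout is hypothetical.
PLUGINS = {
    "authenticator": {"url": "ldap://127.0.0.1", "base_dn": "dc=test,dc=com",
                      "bind_dn": "dc=test,dc=com", "bind_pass": "adminpass"},
    "attributes": {"url": "ldap://127.0.0.1", "bind_dn": "dc=test,dc=com",
                   "bind_pass": "adminpass"},
    "groups": {"url": "ldap://127.0.0.1", "base_dn": "dc=test,dc=com",
               "bind_dn": "dc=test,dc=com", "bind_pass": "adminpass",
               "start_tls": True},
}
# Full DNs constructed from the two entries listed in the thread's tree.
KNOWN_ENTRIES = ["cn=admin,dc=test,dc=com", "cn=luca,dc=test,dc=com"]


def norm_dn(dn):
    """Case- and whitespace-insensitive DN form (enough for this lint, not RFC 4514)."""
    return ",".join(part.strip().lower() for part in dn.split(","))


def lint(plugins, known_entries):
    """Return a sorted list of (plugin, code) findings."""
    findings = []
    entries = {norm_dn(e) for e in known_entries}
    tls_modes = set()
    for name, cfg in plugins.items():
        scheme = urlparse(cfg["url"]).scheme.lower()
        if scheme not in ("ldap", "ldaps"):
            findings.append((name, "bad-scheme"))
        # Transport is protected only by ldaps:// or an explicit StartTLS.
        protected = scheme == "ldaps" or bool(cfg.get("start_tls"))
        tls_modes.add(protected)
        if cfg.get("bind_pass") and not protected:
            # A simple bind over plain ldap:// sends the password unencrypted.
            findings.append((name, "cleartext-bind"))
        bind_dn = cfg.get("bind_dn")
        if bind_dn and norm_dn(bind_dn) not in entries:
            findings.append((name, "bind-dn-not-a-listed-entry"))
    if len(tls_modes) > 1:
        # Some plugins protect the connection and others do not.
        findings.append(("*", "inconsistent-tls"))
    return sorted(findings)


if __name__ == "__main__":
    for plugin, code in lint(PLUGINS, KNOWN_ENTRIES):
        print(f"{plugin}: {code}")
```

The `bind-dn-not-a-listed-entry` finding only means the bind DN is not one of the entries named in the thread; treat it as a prompt to confirm the account with a manual query, not as proof of a misconfiguration.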

