I would like my app to authenticate with AD (ldap) for users and passwords.
But, I'm not in control of the LDAP, and I can't get them to add new groups
etc. and the app requires users to be in a web2py admin group to do certain
admin functions within the app.
So at the moment, I'm using standard auth, where users can self register,
then I add them to the admin group myself if necessary.
I found a web2py slice for authenticating against AD, but how can I also
use web2py groups, /instead of/ AD/ldap groups? So authenticate the user
and password against AD, but use my app groups for additional permissions.
Is it the case of the auth.settings.create_user_groups and
auth.settings.login_methods [ manage_groups ] options?
I won't be able to test it sadly until I have access to an ldap server.
Might be time to run my own for now, I suppose!
Question for now is, is this possible at all? If so, I will set up and
configure an ldap server to test it with.
Thanks
from gluon.tools import Auth, Crud, Service, PluginManager, prettydate
auth = Auth(db, hmac_key = Auth.get_or_create_key())
then
auth.define_tables(username=True)
#auth.settings.create_user_groups=False
after
# all we need is login
auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username','profile']
# you don't have to remember me
auth.settings.remember_me_form = False
and
from gluon.contrib.login_methods.ldap_auth import ldap_auth
auth.settings.login_methods = [ldap_auth(mode='ad',
                                         manage_groups=True,
                                         db=db,
                                         group_name_attrib='cn',
                                         group_member_attrib='member',
                                         group_filterstr='objectClass=Group',
                                         server='<server>',
                                         base_dn='OU=<my org unit>,DC=<domain>,DC=<domain>')]
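The separation asked about above, as an added stand-alone example (not part of the original post and not web2py code): the directory only answers whether the password is right, while admin membership lives in local tables named after web2py's auth_user, auth_group and auth_membership. `fake_ad_bind`, `DIRECTORY` and the sample accounts are constructed stand-ins for the AD bind, and the table columns are simplified assumptions.

```python
import sqlite3

def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE auth_user (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL);
        CREATE TABLE auth_group (id INTEGER PRIMARY KEY, role TEXT UNIQUE NOT NULL);
        CREATE TABLE auth_membership (user_id INTEGER, group_id INTEGER,
                                      UNIQUE (user_id, group_id));
        INSERT INTO auth_group (role) VALUES ('admin');
    """)
    return db

def login(db, verify_password, username, password):
    """Return the local user id if the directory accepts the password, else None."""
    key = username.strip().lower()  # AD logon names are case-insensitive
    # An LDAP simple bind with an empty password can succeed as an
    # unauthenticated bind (RFC 4513, 5.1.2), so refuse it before binding.
    if not key or not password or not verify_password(key, password):
        return None
    # First login creates the local row with no memberships at all.
    db.execute("INSERT OR IGNORE INTO auth_user (username) VALUES (?)", (key,))
    return db.execute("SELECT id FROM auth_user WHERE username = ?", (key,)).fetchone()[0]

def add_membership(db, user_id, role):
    db.execute("INSERT OR IGNORE INTO auth_membership (user_id, group_id) "
               "SELECT ?, id FROM auth_group WHERE role = ?", (user_id, role))

def has_membership(db, user_id, role):
    return db.execute(
        "SELECT 1 FROM auth_membership m JOIN auth_group g ON g.id = m.group_id "
        "WHERE m.user_id = ? AND g.role = ?", (user_id, role)).fetchone() is not None

# Constructed stand-in for the AD bind; the accounts below are sample data.
DIRECTORY = {"alice": "correct horse", "bob": "battery staple"}
def fake_ad_bind(username, password):
    return DIRECTORY.get(username) == password

def demo():
    db = make_db()
    alice = login(db, fake_ad_bind, "Alice", "correct horse")
    bob = login(db, fake_ad_bind, "bob", "battery staple")
    add_membership(db, alice, "admin")  # granted in the app, not in the directory
    again = login(db, fake_ad_bind, "ALICE", "correct horse")
    return {"same_row": alice == again,
            "alice_admin": has_membership(db, again, "admin"),
            "bob_admin": has_membership(db, bob, "admin"),
            "bad_password": login(db, fake_ad_bind, "bob", "wrong"),
            "empty_password": login(db, fake_ad_bind, "bob", "")}
```

Normalising the username before the local lookup keeps "Alice" and "ALICE" on one row, so a membership granted to one spelling cannot be missed or duplicated under another.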