I did not receive your patch but if you now do: auth.settings.login.methods=[ldap_login(..)]
then it does not store password in db and always requres ldap auth. If you do: auth.settings.login.methods=[ldap_login(..), auth] same as above but does store password in db. if you do auth.settings.login.methods=[auth, ldap_login(..)] tries to login locally first, else tries ldap. Of course you can do auth.settings.login.methods=[auth, ldap_login(...), email_login (...), basic_login(...)] and combinations thereof. Please give this a try. Massimo On Jun 10, 11:06 pm, "mr.freeze" <[email protected]> wrote: > I just sent you another (very simple) patch that forces auth to use > the alternative login methods if present so, for example, LDAP will be > queried each time. > > On Jun 9, 11:30 pm, mdipierro <[email protected]> wrote: > > > Thanks! > > > On Jun 9, 11:03 pm, "mr.freeze" <[email protected]> wrote: > > > > Massimo, you should have a patch in email for active directory ldap > > >auth. As noted in my email: > > > It works but we will also need to change tools.py so that it forces > > > ldap authentication each time, not just the first (maybe track the > > >authmethod in the db?). > > > Currently after the account is authenticated through ldap, the > > > credentials are stored in the db and ldap is never queried again. > > > > Also, ideally the login form would be specific to the theauthtype so > > > ldap/active directory could include a domain name field. > > > Then we can tackle an LDAP membership provider! > > > > On Jun 8, 11:52 pm, mdipierro <[email protected]> wrote: > > > > > only mode='uid' is implemented. I could use help debugging/ > > > > implementing the other modes > > > > > Massimo > > > > > On Jun 8, 10:38 pm, "mr.freeze" <[email protected]> wrote: > > > > > > Sorry, I saw 'raise SyntaxError, "Not yet implemented"' under the 'ad' > > > > > and 'domino' if statements of ldap_auth_aux in ldap_auth.py and > > > > > thought you weren't done. I tried it and it seems that if ad/ldapis > > > > > enabled that it will take any username with a blank password. > > > > > > On Jun 8, 10:04 pm, mdipierro <[email protected]> wrote: > > > > > > >ldapshould work already. Please test it. > > > > > > > On Jun 8, 9:29 pm, "mr.freeze" <[email protected]> wrote: > > > > > > > > Massimo, I can testldapagainst AD when it is finished. > > > > > > > > On May 13, 12:01 am, mdipierro <[email protected]> wrote: > > > > > > > > > Please try this.... > > > > > > > > > 1) to authenticate with gmail > > > > > > > > >auth=Auth(globals(),db) > > > > > > > > from gluon.contrib.login_methods.email_auth import email_auth > > > > > > > >auth.settings.login_methods.append(email_auth()) > > > > > > > > > 2) to authenticate using basic authentication of a third party > > > > > > > > server > > > > > > > > >auth=Auth(globals(),db) > > > > > > > > from gluon.contrib.login_methods.basic_auth import basic_auth > > > > > > > >auth.settings.login_methods.append(basic_auth('http://server')) > > > > > > > > > 3) to authenticate usingLDAP server > > > > > > > > >auth=Auth(globals(),db) > > > > > > > > from gluon.contrib.login_methods.ldap_auth import ldap_auth > > > > > > > >auth.settings.login_methods.append(ldap_auth(...)) > > > > > > > > > (requiresldaplibrary installed. look into gluon/contrib/ > > > > > > > > login_methods/ldap_auth.py for ... options). > > > > > > > > > Please let me know if this works for you. > > > > > > > > > CAS client will be next....- Hide quoted text - > > > > > - Show quoted text -- Hide quoted text - > > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
