LDAP could be used to verify group membership too. It would be cool if we could do something similar to login_methods: auth.settings.membership_providers = [ldap_membership(...), auth]
Not sure how tricky the implementation would be though... On Jun 11, 7:37 am, mdipierro <[email protected]> wrote: > fixing! > > On Jun 11, 6:58 am, "mr.freeze" <[email protected]> wrote: > > > Almost perfect. Line 705 in tools.py should be: > > if not self in self.settings.login_methods: > > instead of > > if not self in login_methods: > > > All of the combinations work as advertised with the change above. > > Thanks!!! I will have a much easier time pushing web2py at work if we > > can use our existing AD users. > > Can you do the same thing to memberships now? :) > > what do you mean? > > > > > On Jun 11, 12:16 am, mdipierro <[email protected]> wrote: > > > > I did not receive your patch but if you now do: > > > > auth.settings.login.methods=[ldap_login(..)] > > > > then it does not store password in db and always requres ldapauth. > > > If you do: > > > > auth.settings.login.methods=[ldap_login(..),auth] > > > > same as above but does store password in db. > > > if you do > > > > auth.settings.login.methods=[auth, ldap_login(..)] > > > > tries to login locally first, else tries ldap. > > > Of course you can do > > > > auth.settings.login.methods=[auth, ldap_login(...), email_login > > > (...), basic_login(...)] > > > > and combinations thereof. > > > > Please give this a try. > > > > Massimo > > > > On Jun 10, 11:06 pm, "mr.freeze" <[email protected]> wrote: > > > > > I just sent you another (very simple) patch that forcesauthto use > > > > the alternative login methods if present so, for example, LDAP will be > > > > queried each time. > > > > > On Jun 9, 11:30 pm, mdipierro <[email protected]> wrote: > > > > > > Thanks! > > > > > > On Jun 9, 11:03 pm, "mr.freeze" <[email protected]> wrote: > > > > > > > Massimo, you should have a patch in email for active directory ldap > > > > > >auth. As noted in my email: > > > > > > It works but we will also need to change tools.py so that it forces > > > > > > ldap authentication each time, not just the first (maybe track the > > > > > >authmethod in the db?). > > > > > > Currently after the account is authenticated through ldap, the > > > > > > credentials are stored in the db and ldap is never queried again. > > > > > > > Also, ideally the login form would be specific to the theauthtype so > > > > > > ldap/active directory could include a domain name field. > > > > > > Then we can tackle an LDAP membership provider! > > > > > > > On Jun 8, 11:52 pm, mdipierro <[email protected]> wrote: > > > > > > > > only mode='uid' is implemented. I could use help debugging/ > > > > > > > implementing the other modes > > > > > > > > Massimo > > > > > > > > On Jun 8, 10:38 pm, "mr.freeze" <[email protected]> wrote: > > > > > > > > > Sorry, I saw 'raise SyntaxError, "Not yet implemented"' under > > > > > > > > the 'ad' > > > > > > > > and 'domino' if statements of ldap_auth_aux in ldap_auth.py and > > > > > > > > thought you weren't done. I tried it and it seems that if > > > > > > > > ad/ldapis > > > > > > > > enabled that it will take any username with a blank password. > > > > > > > > > On Jun 8, 10:04 pm, mdipierro <[email protected]> wrote: > > > > > > > > > >ldapshould work already. Please test it. > > > > > > > > > > On Jun 8, 9:29 pm, "mr.freeze" <[email protected]> wrote: > > > > > > > > > > > Massimo, I can testldapagainst AD when it is finished. > > > > > > > > > > > On May 13, 12:01 am, mdipierro <[email protected]> > > > > > > > > > > wrote: > > > > > > > > > > > > Please try this.... > > > > > > > > > > > > 1) to authenticate with gmail > > > > > > > > > > > >auth=Auth(globals(),db) > > > > > > > > > > > from gluon.contrib.login_methods.email_auth import > > > > > > > > > > > email_auth > > > > > > > > > > >auth.settings.login_methods.append(email_auth()) > > > > > > > > > > > > 2) to authenticate using basic authentication of a third > > > > > > > > > > > party server > > > > > > > > > > > >auth=Auth(globals(),db) > > > > > > > > > > > from gluon.contrib.login_methods.basic_auth import > > > > > > > > > > > basic_auth > > > > > > > > > > >auth.settings.login_methods.append(basic_auth('http://server')) > > > > > > > > > > > > 3) to authenticate usingLDAP server > > > > > > > > > > > >auth=Auth(globals(),db) > > > > > > > > > > > from gluon.contrib.login_methods.ldap_auth import > > > > > > > > > > > ldap_auth > > > > > > > > > > >auth.settings.login_methods.append(ldap_auth(...)) > > > > > > > > > > > > (requiresldaplibrary installed. look into gluon/contrib/ > > > > > > > > > > > login_methods/ldap_auth.py for ... options). > > > > > > > > > > > > Please let me know if this works for you. > > > > > > > > > > > > CAS client will be next....- Hide quoted text - > > > > > > > > - Show quoted text -- Hide quoted text - > > > > > > - Show quoted text -- Hide quoted text - > > > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
