I'll try to explain in layman words.... web2py configured to use ldap authentication does a search (or multiple searches, but only for group-related things that can be disabled) and it uses python-ldap under the hood. You can pretty much copy the code from contrib to code your own search.
The thing to be aware of (and the one I'm stressing about) is that ldap itself doesn't provide a method to return a password for a given user.... It instead uses a username-password combo to connect to the LDAP server (there is a few percentage of LDAP servers out there that let you connect to it anonimously) exactly as it was a database. The only API LDAP exposes is "if I give you this username and this password, would it be authenticated ?" . That's what .simple_bind_s(username, password) does. simple_bind_s() for LDAP closely resembles .get_or_create() for auth. You give the password to it, but you can't fetch it back, in ANY way. Therefore, if you want to fetch some special attributes for a given user, or if you want to code your own searches, you'd be better off asking LDAP administrators for a service account just to connect to the LDAP server and do searches (if it requires authentication). Be aware that some properties may very well be unreachable with "normal" user login credentials (i.e. doing searches with credentials provided by a normal user). -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
