Thanks Richard, i will try ASAP.
Greetings.
El 09/03/17 a las 13:37, Richard Vézina escribió:
port=636,
secure=True,
self_signed_certificate=True,
You should look at auth_ldap code if they all apply depends of your
LDAP server... Things is I don't recall if I contribute all the change
I made over my own auth_ldap, but the code is your source of truth...
:)
Richard
On Thu, Mar 9, 2017 at 1:35 PM, Richard Vézina
<[email protected] <mailto:[email protected]>> wrote:
Associate parameters :
On Thu, Mar 9, 2017 at 1:32 PM, Richard Vézina
<[email protected] <mailto:[email protected]>>
wrote:
You may try the SSL port 636
(http://www.openldap.org/faq/data/cache/185.html
<http://www.openldap.org/faq/data/cache/185.html>)
You may realise that it actually available...
Richard
On Thu, Mar 9, 2017 at 12:53 PM, Carlos Cesar Caballero Díaz
<[email protected]
<mailto:[email protected]>> wrote:
I completely agree, and I have warned to the sysadmin, but
is not my network, so...
Greetings.
El 09/03/17 a las 12:26, Richard Vézina escribió:
Hello Carlos,
auth_ldap is difficult to put in place because as you
mention it doesn't provide proper feedback when something
goes wrong...
Note: If you access localhost instance of LDAP it may be
ok to not use SSL protected service, but other than that
you want to use 636 port (if I recall) and SSL protected
connection, or the username and password can be access in
clear text by sniffing the network...
Richard
On Thu, Mar 9, 2017 at 12:02 PM, Carlos Cesar Caballero
Díaz <[email protected]
<mailto:[email protected]>> wrote:
Hi Richard,
I am connecting against an OpenLDAP server, and here
is a lot of services running against it (proxy,
email, nextcloud, dolibarr, a few dozen of Ubuntu PCs
and others).
After a more accurate debugging I release that
simple_bind_s() was throwing an invalid credentials
error (will be good to add a a warning or something
in logs).
I start trying with different options and this works
(it seems that the ldap server was not using a
standard OpenLdap structure, but i don't known too
much about that):
auth.settings.login_methods.append(ldap_auth(
mode='custom', server='10.6.xx.xx',
base_dn='dc=comp',
username_attrib='uid',
custom_scope='subtree',
))
So, the problem is solved and is working without
problems. Many thanks.
Greetings.
El 07/03/17 a las 13:40, Richard Vézina escribió:
Hello Carlos,
You can try to make simple bind with python ldap lib
first, make sure user, base_dn is good, you will get
more feedback then with ldap_auth
Depending of the ldap server implementation that you
try to reach you may fall on ldap_auth issue as not
all part of the ldap_auth is well testing I guess,
there is comment in the code saying that, so...
Do you connect to Active Directory? open_ldap... Is
the LDAP server properly configure if you use to put
open_ldap in place by yourself for instance, are you
able to use LDAP for authentication with other
software solution??
Richard
On Tue, Mar 7, 2017 at 11:50 AM, Carlos Cesar
Caballero Díaz <[email protected]
<mailto:[email protected]>> wrote:
No, the ldap server is not protected by ssl.
Greetings.
El 07/03/17 a las 11:42, Richard Vézina escribió:
Is your ldap server protected by ssl? If so you
have to think to change port...
Richard
On Tue, Mar 7, 2017 at 10:32 AM, Carlos Cesar
Caballero Díaz
<[email protected]
<mailto:[email protected]>> wrote:
Hi, I am trying to include ldap
authentication to my app, and for this, i
am using this code:
auth.settings.login_methods.append(ldap_auth(
mode='uid',
server='10.6.xx.xx',
base_dn='dc=comp',
filterstr='&(objectClass=inetOrgPerson)',
logging_level='debug'))
(note: The Original server and base_dn
values are changed in this example. I also
have tried with and without the filterstr
option)
But I can't login with any ldap user, and
the logs only say:
DEBUG:web2py.auth.ldap_auth:mode: [uid]
manage_user: [False] custom_scope:
[subtree] manage_groups: [False]
INFO:web2py.auth.ldap_auth:[10.6.28.93]
Initialize ldap connection
I Debug the ladp_auth module, and for some
reason it hangs on the line 314 (
con.simple_bind_s(dn, password)) without
throw any error.
If it helps, I also have tried this code
and works as expected returning the ldap
user data:
import ldap
ldap_server="10.6.xx.xx"
username = "auser"
base_dn = "dc=comp"
query = "(uid=%s)" % username
con = ldap.initialize('ldap://'+ldap_server)
result = con.search_s(base_dn,
ldap.SCOPE_SUBTREE, query)
print result
Any help or idea?
Greetings.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py
<http://github.com/web2py/web2py> (Source code)
-
https://code.google.com/p/web2py/issues/list
<https://code.google.com/p/web2py/issues/list>
(Report Issues)
---
You received this message because you are
subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop
receiving emails from it, send an email to
[email protected]
<mailto:[email protected]>.
For more options, visit *MailScanner ha
detectado un intento de fraude en la
siguiente p�gina web "groups.google.com".
/No/ conf�e en esta p�gina web:*
*MailScanner ha detectado un intento de
fraude en la siguiente página web
"groups.google.com". /No/ confíe en esta
página web:* *MailScanner ha detectado un
intento de fraude en la siguiente p�gina
web "groups.google.com". /No/ conf�e en
esta p�gina web:* *MailScanner ha detectado
un intento de fraude en la siguiente página
web "groups.google.com". /No/ confíe en
esta página web:* *MailScanner ha detectado
un intento de fraude en la siguiente p�gina
web "groups.google.com". /No/ conf�e en
esta p�gina web:* *MailScanner ha detectado
un intento de fraude en la siguiente página
web "groups.google.com". /No/ confíe en
esta página web:* *MailScanner ha detectado
un intento de fraude en la siguiente p�gina
web "groups.google.com". /No/ conf�e en
esta p�gina web:*
https://groups.google.com/d/optout
<https://groups.google.com/d/optout>.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py
<http://github.com/web2py/web2py> (Source code)
- https://code.google.com/p/web2py/issues/list
<https://code.google.com/p/web2py/issues/list>
(Report Issues)
---
You received this message because you are
subscribed to the Google Groups "web2py-users"
group.
To unsubscribe from this group and stop
receiving emails from it, send an email to
[email protected]
<mailto:[email protected]>.
For more options, visit *MailScanner ha
detectado un intento de fraude en la siguiente
p�gina web "groups.google.com". /No/ conf�e en
esta p�gina web:* *MailScanner ha detectado un
intento de fraude en la siguiente página web
"groups.google.com". /No/ confíe en esta página
web:* *MailScanner ha detectado un intento de
fraude en la siguiente p�gina web
"groups.google.com". /No/ conf�e en esta p�gina
web:* *MailScanner ha detectado un intento de
fraude en la siguiente página web
"groups.google.com". /No/ confíe en esta página
web:* *MailScanner ha detectado un intento de
fraude en la siguiente p�gina web
"groups.google.com". /No/ conf�e en esta p�gina
web:* *MailScanner ha detectado un intento de
fraude en la siguiente página web
"groups.google.com". /No/ confíe en esta página
web:* *MailScanner ha detectado un intento de
fraude en la siguiente p�gina web
"groups.google.com". /No/ conf�e en esta p�gina
web:* https://groups.google.com/d/optout
<https://groups.google.com/d/optout>.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py
<http://github.com/web2py/web2py> (Source code)
- https://code.google.com/p/web2py/issues/list
<https://code.google.com/p/web2py/issues/list>
(Report Issues)
---
You received this message because you are
subscribed to the Google Groups "web2py-users"
group.
To unsubscribe from this group and stop
receiving emails from it, send an email to
[email protected]
<mailto:[email protected]>.
For more options, visit *MailScanner ha
detectado un intento de fraude en la siguiente
p�gina web "groups.google.com". /No/ conf�e en
esta p�gina web:* *MailScanner ha detectado un
intento de fraude en la siguiente página web
"groups.google.com". /No/ confíe en esta página
web:* *MailScanner ha detectado un intento de
fraude en la siguiente p�gina web
"groups.google.com". /No/ conf�e en esta p�gina
web:* *MailScanner ha detectado un intento de
fraude en la siguiente página web
"groups.google.com". /No/ confíe en esta página
web:* *MailScanner ha detectado un intento de
fraude en la siguiente p�gina web
"groups.google.com". /No/ conf�e en esta p�gina
web:* https://groups.google.com/d/optout
<https://groups.google.com/d/optout>.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py
<http://github.com/web2py/web2py> (Source code)
- https://code.google.com/p/web2py/issues/list
<https://code.google.com/p/web2py/issues/list>
(Report Issues)
---
You received this message because you are subscribed
to the Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving
emails from it, send an email to
[email protected]
<mailto:[email protected]>.
For more options, visit *MailScanner ha detectado un
intento de fraude en la siguiente p�gina web
"groups.google.com". /No/ conf�e en esta p�gina
web:* *MailScanner ha detectado un intento de fraude
en la siguiente página web "groups.google.com". /No/
confíe en esta página web:* *MailScanner ha
detectado un intento de fraude en la siguiente
p�gina web "groups.google.com". /No/ conf�e en esta
p�gina web:* *MailScanner ha detectado un intento de
fraude en la siguiente página web
"groups.google.com". /No/ confíe en esta página
web:* *MailScanner ha detectado un intento de fraude
en la siguiente p�gina web "groups.google.com". /No/
conf�e en esta p�gina web:*
https://groups.google.com/d/optout
<https://groups.google.com/d/optout>.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py
<http://github.com/web2py/web2py> (Source code)
- https://code.google.com/p/web2py/issues/list
<https://code.google.com/p/web2py/issues/list>
(Report Issues)
---
You received this message because you are subscribed
to the Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving
emails from it, send an email to
[email protected]
<mailto:[email protected]>.
For more options, visit *MailScanner ha detectado un
intento de fraude en la siguiente p�gina web
"groups.google.com". /No/ conf�e en esta p�gina web:*
*MailScanner ha detectado un intento de fraude en la
siguiente página web "groups.google.com". /No/ confíe
en esta página web:* *MailScanner ha detectado un
intento de fraude en la siguiente p�gina web
"groups.google.com". /No/ conf�e en esta p�gina web:*
https://groups.google.com/d/optout
<https://groups.google.com/d/optout>.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py
<http://github.com/web2py/web2py> (Source code)
- https://code.google.com/p/web2py/issues/list
<https://code.google.com/p/web2py/issues/list> (Report
Issues)
---
You received this message because you are subscribed to
the Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails
from it, send an email to
[email protected]
<mailto:[email protected]>.
For more options, visit *MailScanner ha detectado un
intento de fraude en la siguiente p�gina web
"groups.google.com". /No/ conf�e en esta p�gina web:*
*MailScanner ha detectado un intento de fraude en la
siguiente página web "groups.google.com". /No/ confíe en
esta página web:* *MailScanner ha detectado un intento de
fraude en la siguiente p�gina web "groups.google.com".
/No/ conf�e en esta p�gina web:*
https://groups.google.com/d/optout
<https://groups.google.com/d/optout>.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py
<http://github.com/web2py/web2py> (Source code)
- https://code.google.com/p/web2py/issues/list
<https://code.google.com/p/web2py/issues/list> (Report Issues)
---
You received this message because you are subscribed to
the Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails
from it, send an email to
[email protected]
<mailto:[email protected]>.
For more options, visit *MailScanner ha detectado un
intento de fraude en la siguiente p�gina web
"groups.google.com". /No/ conf�e en esta p�gina web:*
https://groups.google.com/d/optout
<https://groups.google.com/d/optout>.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google
Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to [email protected]
<mailto:[email protected]>.
For more options, visit *MailScanner ha detectado un intento de fraude
en la siguiente p�gina web "groups.google.com". /No/ conf�e en esta
p�gina web:* https://groups.google.com/d/optout
<https://groups.google.com/d/optout>.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
