Hello Richard,
Thanks for your fast answer.
Even using ldap_auth as only method, 'login_bare' always check user in
local database.
I remove auth login method.
I overwrite 'login_bare' method to:
------------
def login_bare(self, username, password):
for login_method in self.settings.login_methods:
if login_method != self and login_method(username, password):
self.user = user
return user
return False
-------------
This way, it tries to validate with: ldap_auth_aux method.
But it doesn't connect to server and can't validate.
>From Android, with JWT:
If introduce right ldap user and wrong password, it returns an
authentication error,
and if introduce the right ldap user and password, it returns a connection
error.
(I think ldap_auth_aux doesn't have all needed arguments, but I'm not sure).
Anyway, I need the user authentication order: ldap_auth, auth
In both cases, web application authentication and JWT (Android app).
It is very important, if I can't do it, I'll have to find other solution.
Thank you for your help.
Best regards,
Francisco.
El lunes, 25 de septiembre de 2017, 18:53:07 (UTC+2), Richard escribió:
>
> I think you can enforce that this way :
>
> auth.settings.login_methods = [ldap_auth(...)] as the only method...
>
> For instance I have :
>
> auth.settings.login_methods = [auth, ldap_auth(...)]
>
> So it check the password first in web2py then in Active Directory... I
> guess by removing the auth ad an authentication method it will only allow
> authentication against the ldap/AD instance.
>
> Richard
>
> On Mon, Sep 25, 2017 at 12:41 PM, Francisco García Claramonte <
> [email protected] <javascript:>> wrote:
>
>> Hello all,
>>
>> I am using logging methods: ldap_auth (in 'ad' mode) and auth.
>> My application logins perfectly from web auth form, validate with both
>> methods, depending the order of them.
>>
>> I am using AuthJWT for remote access, from an Android mobile application.
>> It works fine with local database.
>> My Web2py application validate users with jwt_token_manager()
>> This method calls to login_bare(username, password).
>>
>> According to source code: gluon/tools.py, 'login_bare' checks if user
>> exists in local database, if not, check the following login methods.
>> It doesn't work for me.
>> This is my situation with AuthJWT:
>>
>> 1- I user exists in local database, it is authenticated properly.
>> 2- If user doesn't exist in database, or auth fails, It doesn't try to
>> validate with ldap_auth method.
>>
>> I need that user always validate with ldap_auth.
>>
>> Do you know what is happening?.
>> Thank you in advance.
>>
>> Best regards,
>> Francisco.
>>
>> --
>> Resources:
>> - http://web2py.com
>> - http://web2py.com/book (Documentation)
>> - http://github.com/web2py/web2py (Source code)
>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "web2py-users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected] <javascript:>.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
