Enable LDAP module #1204
Open
Enable LDAP module #1204
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
houndci-bot
reviewed
Nov 26, 2018
| search_conn = self._ldap_search_conn | ||
| else: | ||
| search_conn = self._ldap_conn | ||
|
|
||
| self._logger.debug('username %s formatted _ldap_search username %s' % (self.username, self._ldap_search.format(ldap.dn.escape_dn_chars(self.username)))) |
There was a problem hiding this comment.
line too long (164 > 79 characters)
| @@ -387,11 +395,13 @@ def authenticate(self): | |||
| try: | |||
| # Create separate connection for search? | |||
| if self._ldap_search_conn is not None: | |||
| self._ldap_search_conn.simple_bind(self._ldap_search_binddn, self._ldap_search_password) | |||
| self._ldap_search_conn.simple_bind_s(self._ldap_search_binddn, self._ldap_search_password) | |||
There was a problem hiding this comment.
line too long (106 > 79 characters)
| @@ -368,13 +373,16 @@ def authenticate(self): | |||
| return self._authenticated | |||
|
|
|||
| try: | |||
| self._logger.debug('username %s formatted _ldap_binddn_fmt username %s' % (self.username, self._ldap_binddn_fmt.format(ldap.dn.escape_dn_chars(self.username)))) | |||
There was a problem hiding this comment.
line too long (172 > 79 characters)
|
Thanks for contributing! To understand the proposed changes, what problem did you want to address by adding the secondary_backend? Wouldn't you achieve the same thing by simply making ldap1 the default backend (which would be used for usernames without "@" in them), and using the username "localadmin@local" when you want to authenticate using the local auth backend? Hard-coding usernames in the auth library is something I'd really like to avoid. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Enable LDAP(S) and install prerequisites.
fix logging,
try to improve authentication in a better way for use cases that cannot authenticate with a '@' symbol.