pyramid_ldap authentication ldap.SCOPE_SUBTREE
36 views
Skip to first unread message
Eric Lemoine
Aug 22, 2012, 8:27:40 AM8/22/12
to pylons-...@googlegroups.com
Hello
I'm trying to use pyramid_ldap with the ldap.SCOPE_SUBTREE scope in
config.ldap_set_login_query. This is because the main directory is
composed of multiple sub-directories (I'm not an LDAP expert, so I'm
not what I'm saying makes sense, sorry). The problem is that the
"authenticate" function always returns None in that case, because the
number of results returned by the search call is greater than 1
(search response provided below). See
<https://github.com/Pylons/pyramid_ldap/blob/master/pyramid_ldap/__init__.py#L118>.
Does what I'm doing actually make sense at all? Does pyramid_ldap
support SCOPE_SUBTREE for login/authentication?
Here is the response I get from the LDAP search call:
[
('CN=Kalbermatten
Micha\xc3\xabl,OU=NoRoamingProfiles,OU=SGRF,OU=SGRF,OU=DGT,OU=Utilisate
urs,OU=ACN,DC=ne,DC=ch', {'accountExpires': ['0'], ...}),
(None, ['ldap://vdn.ne.ch/DC=vdn,DC=ne,DC=ch']),
(None, ['ldap://vch.ne.ch/DC=vch,DC=ne,DC=ch']),
(None, ['ldap://sne.ne.ch/DC=sne,DC=ne,DC=ch']),
(None, ['ldap://DomainDnsZones.ne.ch/DC=DomainDnsZones,DC=ne,DC=ch']),
(None, ['ldap://ForestDnsZones.ne.ch/DC=ForestDnsZones,DC=ne,DC=ch']),
(None, ['ldap://ne.ch/CN=Configuration,DC=ne,DC=ch'])
]
Thanks for any insight.
--
Eric Lemoine
Camptocamp France SAS
Savoie Technolac, BP 352
73377 Le Bourget du Lac, Cedex
Tel : 00 33 4 79 44 44 96
Mail : eric.l...@camptocamp.com
http://www.camptocamp.com
I'm trying to use pyramid_ldap with the ldap.SCOPE_SUBTREE scope in
config.ldap_set_login_query. This is because the main directory is
composed of multiple sub-directories (I'm not an LDAP expert, so I'm
not what I'm saying makes sense, sorry). The problem is that the
"authenticate" function always returns None in that case, because the
number of results returned by the search call is greater than 1
(search response provided below). See
<https://github.com/Pylons/pyramid_ldap/blob/master/pyramid_ldap/__init__.py#L118>.
Does what I'm doing actually make sense at all? Does pyramid_ldap
support SCOPE_SUBTREE for login/authentication?
Here is the response I get from the LDAP search call:
[
('CN=Kalbermatten
Micha\xc3\xabl,OU=NoRoamingProfiles,OU=SGRF,OU=SGRF,OU=DGT,OU=Utilisate
urs,OU=ACN,DC=ne,DC=ch', {'accountExpires': ['0'], ...}),
(None, ['ldap://vdn.ne.ch/DC=vdn,DC=ne,DC=ch']),
(None, ['ldap://vch.ne.ch/DC=vch,DC=ne,DC=ch']),
(None, ['ldap://sne.ne.ch/DC=sne,DC=ne,DC=ch']),
(None, ['ldap://DomainDnsZones.ne.ch/DC=DomainDnsZones,DC=ne,DC=ch']),
(None, ['ldap://ForestDnsZones.ne.ch/DC=ForestDnsZones,DC=ne,DC=ch']),
(None, ['ldap://ne.ch/CN=Configuration,DC=ne,DC=ch'])
]
Thanks for any insight.
--
Eric Lemoine
Camptocamp France SAS
Savoie Technolac, BP 352
73377 Le Bourget du Lac, Cedex
Tel : 00 33 4 79 44 44 96
Mail : eric.l...@camptocamp.com
http://www.camptocamp.com
Reply all
Reply to author
Forward
0 new messages