How is LDAP supposed to work?


Daniele

May 7, 2010, 7:17:15 AM
to django-auth-ldap
Is this correct:

1. if you try to bind to LDAP with a good username, but without
supplying a password, the LDAP server assumes that an anonymous bind
is desired, and the anonymous bind succeeds.

2. this means that if the LDAP client is only checking for a
successful bind, an attempt to login with a blank password will
succeed.

?

This appears to be happening with our setup, using django-auth-ldap
(or indeed anything that uses Python LDAP) - which was certainly
unexpected.

Daniele

Peter Sagerson

May 7, 2010, 12:41:57 PM
to django-a...@googlegroups.com
I think that really depends on your LDAP server. For instance, OpenLDAP will only exhibit this behavior if you have "allow bind_anon_dn" in your global configuration (see man 5 slapd.conf).

If you're not sure how your server is configured or don't have control over it, you'll probably want to add some validation to the login form to be safe. You can also use AUTH_LDAP_USER_FLAGS_BY_GROUP to set the is_active flag by group membership, so that only explicitly activated users can log in.
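
The login-form validation suggested above, as an added example that is not part of the original thread or of django-auth-ldap: a check that refuses a blank password before any bind is attempted. `StubDirectory` is a constructed stand-in for a server that accepts empty-password binds; every name and the sample entry are assumptions.

```python
"""Reject empty passwords before attempting an LDAP simple bind."""


class InvalidCredentials(Exception):
    """Raised by the stub when a bind is refused."""


class StubDirectory:
    """Constructed stand-in for an LDAP connection (not python-ldap).

    Models a server that treats a simple bind carrying a DN and an empty
    password as an anonymous-style bind and reports success.
    """

    def __init__(self, passwords):
        self._passwords = passwords  # constructed sample data: DN -> password

    def simple_bind_s(self, who, cred):
        if cred == "":
            return  # bind "succeeds" without any password being checked
        if self._passwords.get(who) != cred:
            raise InvalidCredentials(who)


def naive_authenticate(conn, dn, password):
    """Treats any successful bind as proof of identity."""
    try:
        conn.simple_bind_s(dn, password)
    except InvalidCredentials:
        return False
    return True


def checked_authenticate(conn, dn, password):
    """Refuses a missing DN or password before the server is contacted."""
    if not dn or not password:
        return False
    return naive_authenticate(conn, dn, password)


# Constructed sample entry, for illustration only.
DN = "uid=alice,ou=people,dc=example,dc=org"
DIRECTORY = StubDirectory({DN: "s3cret"})

if __name__ == "__main__":
    print("naive, blank password:  ", naive_authenticate(DIRECTORY, DN, ""))
    print("checked, blank password:", checked_authenticate(DIRECTORY, DN, ""))
    print("checked, real password: ", checked_authenticate(DIRECTORY, DN, "s3cret"))
```

The same guard belongs wherever credentials enter the application, so that a successful bind is only ever interpreted after a non-empty password was actually sent.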
