shaba/openuds
1
0
Fork 1
mirror of https://github.com/dkmstr/openuds.git synced 2025-01-18 06:03:54 +03:00
Code Issues Releases Wiki Activity

Fix mistake on merge Ldap authenticator fix on 1.5 :-)

Browse Source
This commit is contained in:
Adolfo Gómez García 2014-09-11 16:14:33 +02:00
parent d3c6312ed5
commit 14b24db532
2 changed files with 5 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/.settings/org.eclipse.core.resources.prefs
View File

@ -216,9 +216,7 @@ encoding//src/uds/services/Xen/xen_client/__init__.py=utf-8
encoding//src/uds/services/__init__.py=utf-8 encoding//src/uds/services/__init__.py=utf-8
encoding//src/uds/templatetags/REST.py=utf-8 encoding//src/uds/templatetags/REST.py=utf-8
encoding//src/uds/templatetags/html5.py=utf-8 encoding//src/uds/templatetags/html5.py=utf-8
encoding//src/uds/tests/__init__.py=utf-8
encoding//src/uds/tests/core/util/cache.py=utf-8 encoding//src/uds/tests/core/util/cache.py=utf-8
encoding//src/uds/tests/core/util/net.py=utf-8
encoding//src/uds/tests/core/util/storage.py=utf-8 encoding//src/uds/tests/core/util/storage.py=utf-8
encoding//src/uds/tests/enterprise/__init__.py=utf-8 encoding//src/uds/tests/enterprise/__init__.py=utf-8
encoding//src/uds/tests/enterprise/serials/__init__.py=utf-8 encoding//src/uds/tests/enterprise/serials/__init__.py=utf-8

15
server/src/uds/auths/SimpleLDAP/Authenticator.py
View File

@ -43,7 +43,7 @@ from uds.core.auths.Exceptions import AuthenticatorException
import ldap import ldap
import logging import logging
__updated__ = '2014-06-02' __updated__ = '2014-09-11'
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -145,9 +145,6 @@ class SimpleLDAPAuthenticator(Authenticator):
l = None l = None
cache = False cache = False
try: try:
if password is not None:
password = password.encode('utf-8')
# ldap.set_option(ldap.OPT_DEBUG_LEVEL, 9) # ldap.set_option(ldap.OPT_DEBUG_LEVEL, 9)
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
schema = self._ssl and 'ldaps' or 'ldap' schema = self._ssl and 'ldaps' or 'ldap'
@ -182,11 +179,10 @@ class SimpleLDAPAuthenticator(Authenticator):
try: try:
con = self.__connection() con = self.__connection()
filter_ = '(&(objectClass=%s)(%s=%s))' % (self._userClass, self._userIdAttr, username) filter_ = '(&(objectClass=%s)(%s=%s))' % (self._userClass, self._userIdAttr, username)
attrlist = [x.encode('utf-8') for x in self._userNameAttr.split(',')] + [self._userIdAttr.encode('utf-8')] attrlist = [i.encode('utf-8') for i in self._userNameAttr.split(',') + [self._userIdAttr]]
logger.debug('Getuser filter_: {0}, attr list: {1}'.format(filter_, attrlist)) logger.debug('Getuser filter_: {0}, attr list: {1}'.format(filter_, attrlist))
res = con.search_ext_s(base=self._ldapBase, scope=ldap.SCOPE_SUBTREE, res = con.search_ext_s(base=self._ldapBase, scope=ldap.SCOPE_SUBTREE,
filterstr=filter_, attrlist=attrlist, sizelimit=LDAP_RESULT_LIMIT)[0] filterstr=filter_, attrlist=attrlist, sizelimit=LDAP_RESULT_LIMIT)[0]
logger.debug('res: {0}'.format(res[1]))
usr = dict((k, '') for k in attrlist) usr = dict((k, '') for k in attrlist)
usr.update(res[1]) usr.update(res[1])
usr.update({'dn': res[0], '_id': username}) usr.update({'dn': res[0], '_id': username})
@ -204,7 +200,6 @@ class SimpleLDAPAuthenticator(Authenticator):
logger.debug('Getgroup filter_: {0}, attr list {1}'.format(filter_, attrlist)) logger.debug('Getgroup filter_: {0}, attr list {1}'.format(filter_, attrlist))
res = con.search_ext_s(base=self._ldapBase, scope=ldap.SCOPE_SUBTREE, res = con.search_ext_s(base=self._ldapBase, scope=ldap.SCOPE_SUBTREE,
filterstr=filter_, attrlist=attrlist, sizelimit=LDAP_RESULT_LIMIT)[0] filterstr=filter_, attrlist=attrlist, sizelimit=LDAP_RESULT_LIMIT)[0]
logger.debug('res: {0}'.format(res[1]))
grp = dict((k, ['']) for k in attrlist) grp = dict((k, ['']) for k in attrlist)
grp.update(res[1]) grp.update(res[1])
grp.update({'dn': res[0], '_id': groupName}) grp.update({'dn': res[0], '_id': groupName})
@ -219,7 +214,7 @@ class SimpleLDAPAuthenticator(Authenticator):
con = self.__connection() con = self.__connection()
filter_ = '(&(objectClass=%s)(|(%s=%s)(%s=%s)))' % (self._groupClass, self._memberAttr, usr['_id'], self._memberAttr, usr['dn']) filter_ = '(&(objectClass=%s)(|(%s=%s)(%s=%s)))' % (self._groupClass, self._memberAttr, usr['_id'], self._memberAttr, usr['dn'])
logger.debug('Filter: {0}'.format(filter_)) logger.debug('Filter: {0}'.format(filter_))
res = con.search_ext_s(base=self._ldapBase, scope=ldap.SCOPE_SUBTREE, filterstr=filter_, attrlist=[self._groupIdAttr.encode('utf-8')], res = con.search_ext_s(base=self._ldapBase, scope=ldap.SCOPE_SUBTREE, filterstr=filter_, attrlist=[self._groupIdAttr],
sizelimit=LDAP_RESULT_LIMIT) sizelimit=LDAP_RESULT_LIMIT)
groups = {} groups = {}
for g in res: for g in res:
@ -239,7 +234,7 @@ class SimpleLDAPAuthenticator(Authenticator):
Tries to extract the real name for this user. Will return all atttributes (joint) Tries to extract the real name for this user. Will return all atttributes (joint)
specified in _userNameAttr (comma separated). specified in _userNameAttr (comma separated).
''' '''
return ' '.join([(type(usr.get(id_, '')) is list and ' '.join((k.decode('utf-8') for k in usr.get(id_, ''))) or usr.get(id_, '')) for id_ in self._userNameAttr.split(',')]).strip() return ' '.join([(type(usr.get(id_, '')) is list and ' '.join((str(k) for k in usr.get(id_, ''))) or str(usr.get(id_, ''))) for id_ in self._userNameAttr.split(',')]).strip()
def authenticate(self, username, credentials, groupsManager): def authenticate(self, username, credentials, groupsManager):
''' '''
@ -417,7 +412,7 @@ class SimpleLDAPAuthenticator(Authenticator):
# And group part, with membership # And group part, with membership
try: try:
res = con.search_ext_s(base=self._ldapBase, scope=ldap.SCOPE_SUBTREE, filterstr='(&(objectClass=%s)(%s=*))' % (self._groupClass, self._groupIdAttr), attrlist=[self._memberAttr]) res = con.search_ext_s(base=self._ldapBase, scope=ldap.SCOPE_SUBTREE, filterstr='(&(objectClass=%s)(%s=*))' % (self._groupClass, self._groupIdAttr), attrlist=[self._memberAttr.encode('utf-8')])
if len(res) == 0: if len(res) == 0:
raise Exception(_('Ldap group class or group id attr is probably wrong (can\'t find any group with both conditions)')) raise Exception(_('Ldap group class or group id attr is probably wrong (can\'t find any group with both conditions)'))
ok = False ok = False