Changeset - c81379d100e0
Parent rev.
Child rev.
[Not reviewed]
default
0 1 0
Denis Blanchette - 11 years ago 2015-01-23 17:06:06
dblanchette@coveo.com
pull request: fix user automatically activated with LDAP authentication (Issue #78)
1 file changed with 1 insertions and 1 deletions:
kallithea/lib/auth_modules/auth_ldap.py
1
1
0 comments (0 inline, 0 general)
kallithea/lib/auth_modules/auth_ldap.py
Show inline comments
 
@@ -313,49 +313,49 @@ class KallitheaAuthPlugin(auth_modules.K
 
            'bind_pass': settings.get('dn_pass'),
 
            'tls_kind': settings.get('tls_kind'),
 
            'tls_reqcert': settings.get('tls_reqcert'),
 
            'ldap_filter': settings.get('filter'),
 
            'search_scope': settings.get('search_scope'),
 
            'attr_login': settings.get('attr_login'),
 
            'ldap_version': 3,
 
        }
 

			




	
	
	
		
 
        if kwargs['bind_dn'] and not kwargs['bind_pass']:

			




	
	
	
		
 
            log.debug('Using dynamic binding.')

			




	
	
	
		
 
            kwargs['bind_dn'] = kwargs['bind_dn'].replace('$login', username)

			




	
	
	
		
 
            kwargs['bind_pass'] = password

			




	
	
	
		
 
        log.debug('Checking for ldap authentication')

			




	
	
	
		
 

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            aldap = AuthLdap(**kwargs)

			




	
	
	
		
 
            (user_dn, ldap_attrs) = aldap.authenticate_ldap(username, password)

			




	
	
	
		
 
            log.debug('Got ldap DN response %s' % user_dn)

			




	
	
	
		
 

			




	
	
	
		
 
            get_ldap_attr = lambda k: ldap_attrs.get(settings.get(k), [''])[0]

			




	
	
	
		
 

			




	
	
	
		
 
            # old attrs fetched from Kallithea database

			




	
	
	
		
 
            admin = getattr(userobj, 'admin', False)

			




	
	
	
		
 
            active = getattr(userobj, 'active', True)

			




	
	
	
		
 
            active = getattr(userobj, 'active', self.user_activation_state())

			




	
	
	
		
 
            email = getattr(userobj, 'email', '')

			




	
	
	
		
 
            firstname = getattr(userobj, 'firstname', '')

			




	
	
	
		
 
            lastname = getattr(userobj, 'lastname', '')

			




	
	
	
		
 
            extern_type = getattr(userobj, 'extern_type', '')

			




	
	
	
		
 

			




	
	
	
		
 
            user_attrs = {

			




	
	
	
		
 
                'username': username,

			




	
	
	
		
 
                'firstname': safe_unicode(get_ldap_attr('attr_firstname') or firstname),

			




	
	
	
		
 
                'lastname': safe_unicode(get_ldap_attr('attr_lastname') or lastname),

			




	
	
	
		
 
                'groups': [],

			




	
	
	
		
 
                'email': get_ldap_attr('attr_email' or email),

			




	
	
	
		
 
                'admin': admin,

			




	
	
	
		
 
                'active': active,

			




	
	
	
		
 
                "active_from_extern": None,

			




	
	
	
		
 
                'extern_name': user_dn,

			




	
	
	
		
 
                'extern_type': extern_type,

			




	
	
	
		
 
            }

			




	
	
	
		
 
            log.info('user %s authenticated correctly' % user_attrs['username'])

			




	
	
	
		
 
            return user_attrs

			




	
	
	
		
 

			




	
	
	
		
 
        except (LdapUsernameError, LdapPasswordError, LdapImportError):

			




	
	
	
		
 
            log.error(traceback.format_exc())

			




	
	
	
		
 
            return None

			




	
	
	
		
 
        except (Exception,):

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.