kallithea Changeset - f56533aa1caa

Changeset - f56533aa1caa

Parent rev.

Child rev.

[Not reviewed]

Merge beta

0 2 0

"Lorenzo M. Catucci" - 15 years ago 2011-04-26 14:03:00
lorenzo@sancho.ccd.uniroma2.it

Automated merge with https://rhodecode.org/rhodecode

2 files changed with 8 insertions and 7 deletions:

rhodecode/lib/auth.py

rhodecode/lib/auth_ldap.py

0 comments (0 inline, 0 general)

rhodecode/lib/auth.py

➞

Show inline comments

@@ @@ -184,54 +184,54 @@ def authenticate(username, password): @@
         #======================================================================
         if str2bool(ldap_settings.get('ldap_active')):
             log.debug("Authenticating user using ldap")
             kwargs = {
                   'server': ldap_settings.get('ldap_host', ''),
                   'base_dn': ldap_settings.get('ldap_base_dn', ''),
                   'port': ldap_settings.get('ldap_port'),
                   'bind_dn': ldap_settings.get('ldap_dn_user'),
                   'bind_pass': ldap_settings.get('ldap_dn_pass'),
                   'use_ldaps': str2bool(ldap_settings.get('ldap_ldaps')),
                   'tls_reqcert': ldap_settings.get('ldap_tls_reqcert'),
                   'ldap_filter': ldap_settings.get('ldap_filter'),
                   'search_scope': ldap_settings.get('ldap_search_scope'),
                   'attr_login': ldap_settings.get('ldap_attr_login'),
                   'ldap_version': 3,
+                  }
             log.debug('Checking for ldap authentication')
             try:
                 aldap = AuthLdap(**kwargs)
                 (user_dn, ldap_attrs) = aldap.authenticate_ldap(username,
                                                                 password)
                 log.debug('Got ldap DN response %s', user_dn)
                 user_attrs = {
                     'name': ldap_attrs[ldap_settings\
                                        .get('ldap_attr_firstname')][0],
                     'lastname': ldap_attrs[ldap_settings\
                                            .get('ldap_attr_lastname')][0],
                     'email': ldap_attrs[ldap_settings\
                                         .get('ldap_attr_email')][0],
                     'name': ldap_attrs.get(ldap_settings\
                                        .get('ldap_attr_firstname'), [''])[0],
                     'lastname': ldap_attrs.get(ldap_settings\
                                            .get('ldap_attr_lastname'),[''])[0],
                     'email': ldap_attrs.get(ldap_settings\
                                         .get('ldap_attr_email'), [''])[0],
+                    }
                 if user_model.create_ldap(username, password, user_dn,
                                           user_attrs):
                     log.info('created new ldap user %s', username)
                 return True
             except (LdapUsernameError, LdapPasswordError,):
                 pass
             except (Exception,):
                 log.error(traceback.format_exc())
                 pass
     return False
 class  AuthUser(object):
     """
     A simple object that handles all attributes of user in RhodeCode
     It does lookup based on API key,given user, or user present in session
     Then it fills all required information for such user. It also checks if
     anonymous access is enabled and if so, it returns default user as logged
     in
     """

rhodecode/lib/auth_ldap.py

➞

Show inline comments

@@ @@ -84,45 +84,46 @@ class AuthLdap(object): @@
             ldap.set_option(ldap.OPT_RESTART, ldap.OPT_ON)
             ldap.set_option(ldap.OPT_TIMEOUT, 20)
             ldap.set_option(ldap.OPT_NETWORK_TIMEOUT, 10)
             ldap.set_option(ldap.OPT_TIMELIMIT, 15)
             if self.LDAP_USE_LDAPS:
                 ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, self.TLS_REQCERT)
             server = ldap.initialize(self.LDAP_SERVER)
             if self.ldap_version == 2:
                 server.protocol = ldap.VERSION2
             else:
                 server.protocol = ldap.VERSION3
             if self.LDAP_BIND_DN and self.LDAP_BIND_PASS:
                 server.simple_bind_s(self.LDAP_BIND_DN, self.LDAP_BIND_PASS)
             filt = '(&%s(%s=%s))' % (self.LDAP_FILTER, self.attr_login, username)
             log.debug("Authenticating %r filt %s at %s", self.BASE_DN,
                       filt, self.LDAP_SERVER)
             lobjects = server.search_ext_s(self.BASE_DN, self.SEARCH_SCOPE,
                                            filt)
             if not lobjects:
                 raise ldap.NO_SUCH_OBJECT()
-            for (dn, attrs) in lobjects:
+            for (dn, _attrs) in lobjects:
                 try:
                     server.simple_bind_s(dn, password)
                     attrs = server.search_ext_s(dn, ldap.SCOPE_BASE, '(objectClass=*)')[0][1]
                     break
                 except ldap.INVALID_CREDENTIALS, e:
                     log.debug("LDAP rejected password for user '%s' (%s): %s",
                               uid, username, dn)
             else:
                 log.debug("No matching LDAP objects for authentication "
                           "of '%s' (%s)", uid, username)
                 raise LdapPasswordError()
         except ldap.NO_SUCH_OBJECT, e:
             log.debug("LDAP says no such user '%s' (%s)", uid, username)
             raise LdapUsernameError()
         except ldap.SERVER_DOWN, e:
             raise LdapConnectionError("LDAP can't access authentication server")
         return (dn, attrs)

0 comments (0 inline, 0 general)