summaryrefslogtreecommitdiff
path: root/pykolab
diff options
context:
space:
mode:
authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2012-04-24 13:45:46 (GMT)
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2012-04-24 13:45:46 (GMT)
commitc178883c4220c0cea8736b758d5ee82f445457ad (patch)
tree28a66fde84a1b592495255c7ee82509b1b028eba /pykolab
parent9d6b584e7826c0586895d974f91fd69dae645cd0 (diff)
downloadpykolab-c178883c4220c0cea8736b758d5ee82f445457ad.tar.gz
Correct the authentication function
Diffstat (limited to 'pykolab')
-rw-r--r--pykolab/auth/ldap/__init__.py36
1 files changed, 32 insertions, 4 deletions
diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index 09fc2b5..73893f5 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -144,20 +144,48 @@ class LDAP(pykolab.base.Base):
)
self.connect()
+ self._bind()
+
+ user_filter = self.config_get('user_filter')
+
+ _filter = '(&(|'
+
+ auth_attrs = self.config_get_list('auth_attributes')
+
+ for attr in auth_attrs:
+ _filter += "(%s=%s)" % (attr, login[0])
+ _filter += "(%s=%s@%s)" % (attr, login[0], realm)
+
+ _filter += ')%s)' % (user_filter)
+
+ _search = self.ldap.search_ext(
+ self.config_get('base_dn'),
+ ldap.SCOPE_SUBTREE,
+ _filter,
+ ['entrydn']
+ )
- user_dn = self._find_user_dn(login[0], realm)
+ (
+ _result_type,
+ _result_data,
+ _result_msgid,
+ _result_controls
+ ) = self.ldap.result3(_search)
+
+ if len(_result_data) >= 1:
+ (entry_dn, entry_attrs) = _result_data[0]
try:
log.debug(_("Binding with user_dn %s and password %s")
- % (user_dn, login[1]))
+ % (entry_dn, login[1]))
# Needs to be synchronous or succeeds and continues setting retval
# to True!!
- self.ldap.simple_bind_s(user_dn, login[1])
+ self.ldap.simple_bind_s(entry_dn, login[1])
retval = True
except:
log.debug(
- _("Failed to authenticate as user %s") % (user_dn),
+ _("Failed to authenticate as user %s") % (entry_dn),
level=8
)