Re: ldapauth and TLS

2008-10-17 Thread Daniele Procida 

On Thu, Oct 16, 2008, Daniele Procida <[EMAIL PROTECTED]> wrote:

>I'm trying to get django.contrib.auth.ldapauth.LDAPBackend - from:
>
>
>
>working with our LDAP server.
>
>However, if we set any value in LDAP_OPTIONS (other than 'None' - and
>even the one in the example above) we get an error:
>
>Exception Value:   
>'dict' object has no attribute 'LDAP_OPTIONS'
>Exception Location:
>/usr/lib/python2.5/site-packages/django/contrib/auth/ldapauth.py in
>authenticate, line 113

OK - I seem to have found the problem.

Line 113 of ldapauth.py:

self.ldap.set_option(k, self.settings.LDAP_OPTIONS[k])

should be:

self.ldap.set_option(k, self.settings["LDAP_OPTIONS"][k])

I presume that other instances of that syntax need to be changed.

Also, the syntax for settings.py that worked for me were:

import ldap
LDAP_OPTIONS = 'ldap.OPT_X_TLS_DEMAND,1'

I have commented on the ticket.

Thanks for all the help and suggestions.

Daniele


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: ldapauth and TLS

2008-10-16 Thread Daniele Procida 

On Thu, Oct 16, 2008, Dj Gilcrease <[EMAIL PROTECTED]> wrote:

>
>Where are you changing this setting? It should be in the ldapauth.py
>settings section which should look something like the following, but
>with your data in it
>
>import ldap
>from django.conf import settings
>from django.contrib.auth.models import User
>
>settings = {
>'LDAP_SERVER_URI': 'ldap://localhost',
>'LDAP_SEARCHDN': 'dc=localhost',
>'LDAP_SCOPE': ldap.SCOPE_SUBTREE,
>'LDAP_SEARCH_FILTER': 'cn=%s',
>'LDAP_UPDATE_FIELDS': True,
>'LDAP_PREBINDDN': None,
>'LDAP_PREBINDPW': None,
>'LDAP_BINDDN': None,
>'LDAP_BIND_ATTRIBUTE': None,
>'LDAP_FIRST_NAME': None,
>'LDAP_LAST_NAME': None,
>'LDAP_FULL_NAME': None,
>'LDAP_GID': None,
>'LDAP_SU_GIDS': None,
>'LDAP_STAFF_GIDS': None,
>'LDAP_ACTIVE_FIELD': None,
>'LDAP_ACTIVE': None,
>'LDAP_EMAIL': None,
>'LDAP_DEFAULT_EMAIL_SUFFIX': None,
>'LDAP_OPTIONS': {'OPT_X_TLS_DEMAND': True},
>'LDAP_DEBUG': True,
>}

I'm doing the settings in settings.py, and they all seem to work quite
happily there, apart from LDAP_OPTIONS. 

I've tried setting LDAP_OPTIONS in ldapauth.py as well, in exactly the
same same way as you describe here. The error remains the same.

I've been trying to work out how to set the option manually (using
something like:

ldap.set_option(ldap.OPT_X_TLS_DEMAND, True)

to test it at a lower level.

However, I don't know quite what that should be, nor where to put it.

Daniele


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: ldapauth and TLS

2008-10-16 Thread Dj Gilcrease 

Where are you changing this setting? It should be in the ldapauth.py
settings section which should look something like the following, but
with your data in it

import ldap
from django.conf import settings
from django.contrib.auth.models import User

settings = {
'LDAP_SERVER_URI': 'ldap://localhost',
'LDAP_SEARCHDN': 'dc=localhost',
'LDAP_SCOPE': ldap.SCOPE_SUBTREE,
'LDAP_SEARCH_FILTER': 'cn=%s',
'LDAP_UPDATE_FIELDS': True,
'LDAP_PREBINDDN': None,
'LDAP_PREBINDPW': None,
'LDAP_BINDDN': None,
'LDAP_BIND_ATTRIBUTE': None,
'LDAP_FIRST_NAME': None,
'LDAP_LAST_NAME': None,
'LDAP_FULL_NAME': None,
'LDAP_GID': None,
'LDAP_SU_GIDS': None,
'LDAP_STAFF_GIDS': None,
'LDAP_ACTIVE_FIELD': None,
'LDAP_ACTIVE': None,
'LDAP_EMAIL': None,
'LDAP_DEFAULT_EMAIL_SUFFIX': None,
'LDAP_OPTIONS': {'OPT_X_TLS_DEMAND': True},
'LDAP_DEBUG': True,
}

Dj Gilcrease
OpenRPG Developer
~~http://www.openrpg.com

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: ldapauth and TLS

2008-10-16 Thread Daniele Procida 

On Thu, Oct 16, 2008, Steven Armstrong <[EMAIL PROTECTED]> wrote:

>import ldap
>LDAP_OPTIONS = {ldap.OPT_X_TLS_DEMAND: True}

It's doesn't crash the server, but it's the same error as before:

Exception Type: 
AttributeError
Exception Value:
'dict' object has no attribute 'LDAP_OPTIONS'

Daniele


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: ldapauth and TLS

2008-10-16 Thread Steven Armstrong 

Daniele Procida wrote on 10/16/08 20:43:
> On Thu, Oct 16, 2008, Dj Gilcrease <[EMAIL PROTECTED]> wrote:
> 
>> LDAP_OPTIONS = 'ldap.OPT_X_TLS_DEMAND: True'
>> should be
>> LDAP_OPTIONS = {ldap.OPT_X_TLS_DEMAND: True}
> 
> Sdly, that immediately crashes the server:
> 
> Traceback (most recent call last):
>   File "manage.py", line 4, in 
> import settings # Assumed to be in the same directory.
>   File "/home/daniele/testmedic/settings.py", line 95, in 
> LDAP_OPTIONS = {ldap.OPT_X_TLS_DEMAND: True}
> NameError: name 'ldap' is not defined

import ldap
LDAP_OPTIONS = {ldap.OPT_X_TLS_DEMAND: True}


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: ldapauth and TLS

2008-10-16 Thread Daniele Procida 

On Thu, Oct 16, 2008, Dj Gilcrease <[EMAIL PROTECTED]> wrote:

>LDAP_OPTIONS = {'OPT_X_TLS_DEMAND': True}

I'm afraid that's not it either; nor is:

LDAP_OPTIONS = {'ldap.OPT_X_TLS_DEMAND': True}

Daniele


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: ldapauth and TLS

2008-10-16 Thread Dj Gilcrease 

Ahh yes, been a while since I messed with my settings for that file
but I think this is what you need LDAP_OPTIONS = {'OPT_X_TLS_DEMAND':
True}


Dj Gilcrease
OpenRPG Developer
~~http://www.openrpg.com



On Thu, Oct 16, 2008 at 12:43 PM, Daniele Procida
<[EMAIL PROTECTED]> wrote:
>
> On Thu, Oct 16, 2008, Dj Gilcrease <[EMAIL PROTECTED]> wrote:
>
>>
>> LDAP_OPTIONS = 'ldap.OPT_X_TLS_DEMAND: True'
>>should be
>> LDAP_OPTIONS = {ldap.OPT_X_TLS_DEMAND: True}
>
> Sdly, that immediately crashes the server:
>
> Traceback (most recent call last):
>  File "manage.py", line 4, in 
>import settings # Assumed to be in the same directory.
>  File "/home/daniele/testmedic/settings.py", line 95, in 
>LDAP_OPTIONS = {ldap.OPT_X_TLS_DEMAND: True}
> NameError: name 'ldap' is not defined
>
> Daniele
>
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: ldapauth and TLS

2008-10-16 Thread Daniele Procida 

On Thu, Oct 16, 2008, Dj Gilcrease <[EMAIL PROTECTED]> wrote:

>
> LDAP_OPTIONS = 'ldap.OPT_X_TLS_DEMAND: True'
>should be
> LDAP_OPTIONS = {ldap.OPT_X_TLS_DEMAND: True}

Sdly, that immediately crashes the server:

Traceback (most recent call last):
  File "manage.py", line 4, in 
import settings # Assumed to be in the same directory.
  File "/home/daniele/testmedic/settings.py", line 95, in 
LDAP_OPTIONS = {ldap.OPT_X_TLS_DEMAND: True}
NameError: name 'ldap' is not defined

Daniele


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: ldapauth and TLS

2008-10-16 Thread Dj Gilcrease 

 LDAP_OPTIONS = 'ldap.OPT_X_TLS_DEMAND: True'
should be
 LDAP_OPTIONS = {ldap.OPT_X_TLS_DEMAND: True}

I would think

Dj Gilcrease
OpenRPG Developer
~~http://www.openrpg.com



On Thu, Oct 16, 2008 at 12:04 PM, Daniele Procida
<[EMAIL PROTECTED]> wrote:
>
> On Thu, Oct 16, 2008, Jeff Anderson <[EMAIL PROTECTED]> wrote:
>
>>> According to the documentation, we should be able to set LDAP_OPTIONS
>>> along with the other settings:
>>>
>>> ``LDAP_OPTIONS`` -- hash, python-ldap global options and their values
>>>  {ldap.OPT_X_TLS_CACERTDIR: '/etc/ldap/ca/'}
>>>
>>> However, if we set any value in LDAP_OPTIONS (other than 'None' - and
>>> even the one in the example above) we get an error
>
>>> The full error is at: 
>>>
>>> How can we set LDAP_OPTIONS to turn on TLS?
>>>
>
>>LDAP_OPTIONS should be defined in your settings.py. Paste what you have
>>in your settings.py for the ldap configuration, and I can help diagnose.
>
> Well, what we have in there now is:
>
>LDAP_OPTIONS = 'ldap.OPT_X_TLS_DEMAND: True'
>
> Feel free to see what happens when you try to log in at:
>
>
>
> You'll need to use the username "sagdp6" (and use any old password).
>
> Thanks,
>
> Daniele
>
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: ldapauth and TLS

2008-10-16 Thread Daniele Procida 

On Thu, Oct 16, 2008, Jeff Anderson <[EMAIL PROTECTED]> wrote:

>> According to the documentation, we should be able to set LDAP_OPTIONS
>> along with the other settings:
>>
>> ``LDAP_OPTIONS`` -- hash, python-ldap global options and their values 
>>  {ldap.OPT_X_TLS_CACERTDIR: '/etc/ldap/ca/'} 
>>
>> However, if we set any value in LDAP_OPTIONS (other than 'None' - and
>> even the one in the example above) we get an error

>> The full error is at: 
>>
>> How can we set LDAP_OPTIONS to turn on TLS?
>>   

>LDAP_OPTIONS should be defined in your settings.py. Paste what you have
>in your settings.py for the ldap configuration, and I can help diagnose.

Well, what we have in there now is:

LDAP_OPTIONS = 'ldap.OPT_X_TLS_DEMAND: True'

Feel free to see what happens when you try to log in at: 



You'll need to use the username "sagdp6" (and use any old password).

Thanks,

Daniele


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: ldapauth and TLS

2008-10-16 Thread Jeff Anderson 
Daniele Procida wrote:
> I'm trying to get django.contrib.auth.ldapauth.LDAPBackend - from:
>
> 
>
> working with our LDAP server.
>
> IWe need TLS before the server will permit us to exchange a password with it.
>
> According to the documentation, we should be able to set LDAP_OPTIONS
> along with the other settings:
>
> ``LDAP_OPTIONS`` -- hash, python-ldap global options and their values 
>   {ldap.OPT_X_TLS_CACERTDIR: '/etc/ldap/ca/'} 
>
> However, if we set any value in LDAP_OPTIONS (other than 'None' - and
> even the one in the example above) we get an error:
>
> Exception Value:  
> 'dict' object has no attribute 'LDAP_OPTIONS'
> Exception Location:
> /usr/lib/python2.5/site-packages/django/contrib/auth/ldapauth.py in
> authenticate, line 113
>
> The full error is at: 
>
> How can we set LDAP_OPTIONS to turn on TLS?
>   
Hello,

LDAP_OPTIONS should be defined in your settings.py. Paste what you have
in your settings.py for the ldap configuration, and I can help diagnose.


Jeff Anderson



signature.asc
Description: OpenPGP digital signature