I am using ldap_auth. The following example shows an error I received after adding manage_user=True. It is unclear to me why this is a problem.
>>> ldap_auth_aux = ldap_auth(mode='ad', ... server='my.domain.controller', ... base_dn='ou=Users,dc=domain,dc=com', ... filterstr='objectClass=*', ... manage_user=True, ... user_firstname_attrib='givenName', ... user_lastname_attrib='sn', ... user_mail_attrib='mail') >>> import logging >>> logger = logging.getLogger('web2py.auth.ldap_auth') >>> logger.setLevel(logging.DEBUG) >>> ldap_auth_aux('chanson', '********') DEBUG:web2py.auth.ldap_auth:mode: [ad] manage_user: [True] custom_scope: [ subtree] manage_groups: [False] INFO:web2py.auth.ldap_auth:[my.domain.controller] Initialize ldap connection INFO:web2py.auth.ldap_auth:[chanson] Manage user data Traceback (most recent call last): File "<console>", line 1, in <module> File "/srv/www/web2py/gluon/contrib/login_methods/ldap_auth.py", line 421, in ldap_auth_aux user_in_db = db(db.auth_user.email == username) AttributeError: 'NoneType' object has no attribute 'auth_user' >>> ldap_auth_aux('chanson', '********', db=db) DEBUG:web2py.auth.ldap_auth:mode: [ad] manage_user: [True] custom_scope: [ subtree] manage_groups: [False] INFO:web2py.auth.ldap_auth:[my.domain.controller] Initialize ldap connection INFO:web2py.auth.ldap_auth:[chanson] Manage user data True >>> db.commit() The Traceback in the error ticket showed one of the following prior to the error on line 421 in ldap_auth_aux: - File "/srv/www/web2py/gluon/tools.py", line 2123, in login - File "/srv/www/web2py/gluon/tools.py", line 2144, in login The interesting code is the following: login_method(request.vars[username], request.vars[passfield]): db is not passed to the function. The function definition of ldap_auth_aux has db=db, but the function is defined in ldap_auth which defaults to db=None. I am not sure how it worked before. My solution is to add db=db to my login_methods definition: auth.settings.login_methods = [ ldap_auth(...as usual..., manage_user=True, user_firstname_attrib='givenName', user_lastname_attrib='sn', user_mail_attrib='mail', db=db ) ] I also noticed that the user_xxx_attrib values are case sensitive. For example, I use givenName for the user_firstname_attrib. Searching ldap is case insensitive, so I think the results should not be, but the results create a dictionary which has case sensitive keys. In my case, if I use givenname, which is the norm for me when I interact with ldap, line 665 of ldap_auth.py throws an exception and my first_name in the auth_user table gets created or updated to None, depending on whether the user exists or not. I don't know if this needs to be changed necessarily. I think it would be better to be case insensitive, since searches are that way, but if not, at a minimum the documentation should say it that the case of the attribute should match the schema definition. I'm not sure how to resolve the db=db issue above other than the way I did, since I am unclear why it worked before I added manage_user=True. Carlos Hanson -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.