Hey Richard, Sorry for the very late answer I had personal issues that kept me out of this project. Yes I try to create an app to "manage" parts of an ldap server such as display query results (predefined queries) and later, maybe, modify informations in this ldap server.
On Wednesday, November 18, 2015 at 9:23:39 PM UTC-5, Richard wrote: > > Hello Jonathan, > > What are you trying to do exactly? Are you trying to write an App that can > manage an LDAP server? Something like PHPldapadmin for instance? > > Richard > > On Wed, Nov 18, 2015 at 3:45 PM, Niphlod <nip...@gmail.com <javascript:>> > wrote: > >> if you expose it to him, yes. >> Unfortunately in your situation the only way to create an ldap connection >> is to save somewhere what you need to bind to the AD server, which at the >> very LEAST is username and password. Once again I urge to speak with AD >> administrators and require a dedicated set of credentials to let your app >> connect to AD servers. >> I'm pretty sure that if you explain them what you're trying to do without >> it (really scary stuff), they'll be happy to comply. >> >> On a totally different path, you can subclass or make your own >> login_method (mostly copy/pasting web2py's one) and append your queries to >> it. >> >> >> On Wednesday, November 18, 2015 at 9:20:34 PM UTC+1, Jonathan R wrote: >>> >>> Hi Niphlod, >>> I used your method but the downside is that I have a plain text password >>> stored in my application then, I'm not really aware how secure it is to do >>> so, is there a way for an attacker to extract this info ? >>> >>> On Wednesday, November 18, 2015 at 3:09:08 PM UTC-5, Niphlod wrote: >>>> >>>> you can't really serialize a connection. you can serialize the plain >>>> password and then create a new one, using the credentials the user gave >>>> you. >>>> >>>> On Wednesday, November 18, 2015 at 7:54:56 PM UTC+1, Jonathan R wrote: >>>>> >>>>> Hi, >>>>> I'm still working on an app connecting on a ldap server using the >>>>> credentials provided at login time by the user (in the webapp) and my >>>>> objective is to bind once to the ldap server right after login and use >>>>> this >>>>> bind to make the different query requested by the user. >>>>> I bind using a custom function added to the list : >>>>> >>>>> auth.settings.login_onaccept >>>>> >>>>> I tried to use session to pass it to the app : >>>>> my code looks like : >>>>> >>>>> def ldap_connect : >>>>> >>>>> # create a simpleLDAPObject named *con* >>>>> >>>>> # initialize this object >>>>> >>>>> # use username and password provided to bind >>>>> >>>>> # here comes the problem: make the con object available outside >>>>> this function as long as the user is logged in >>>>> # I tried different flavor of : (session.con , session.vars.con, >>>>> session.vars[con]) the issue is not on the syntax >>>>> >>>>> session['con'] = con >>>>> >>>>> This send an internal error while processing the functions: >>>>> session.try_store_in ... [cookie_or_file, file] and return a Pikling >>>>> Error >>>>> Can't pikle <type 'thread.lock' >: attribute lookup thread.lock failed. >>>>> >>>>> I suppose this is why there is a section called "Don't store user >>>>> defined object in session' in the book, my question is then where should >>>>> I >>>>> store it ? >>>>> >>>>> >>>> -- >> Resources: >> - http://web2py.com >> - http://web2py.com/book (Documentation) >> - http://github.com/web2py/web2py (Source code) >> - https://code.google.com/p/web2py/issues/list (Report Issues) >> --- >> You received this message because you are subscribed to the Google Groups >> "web2py-users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to web2py+un...@googlegroups.com <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
