[英]Django-Ldap-Authentication
I am trying to authenticate the user with the LDAP server in django.我正在尝试使用 django 中的 LDAP 服务器对用户进行身份验证。
I have configured my settings.py as follows:我已经配置我的 settings.py 如下:
AUTH_LDAP_SERVER_URI = "ldap.forumsys.com"
AUTH_LDAP_BIND_DN = "cn=read-only-admin,dc=example,dc=com"
AUTH_LDAP_BIND_PASSWORD = "password"
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=example,dc=com",
ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
AUTH_LDAP_START_TLS = True
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)
In my views i have tried to authenticate it with the LDAPBACKEND在我看来,我已尝试使用 LDAPBACKEND 对其进行身份验证
from django.http import HttpResponse
from django_auth_ldap.backend import LDAPBackend
from django.contrib.auth.models import User
from django.conf import settings
def login_user(request):
state = ""
username = settings.AUTH_LDAP_BIND_DN
password = settings.AUTH_LDAP_BIND_PASSWORD
auth = LDAPBackend()
try:
User = auth.authenticate(username=username,password=password)
if User is not None:
state = "Valid"
else:
state = "Invalid"
except LDAPError as e:
state = "Error"
return HttpResponse(state)
But i am getting an error as但我收到一个错误
LDAPError while authenticating cn=read-only-admin,dc=example,dc=com: LDAPError(0,'Error')
验证 cn=read-only-admin,dc=example,dc=com 时的 LDAPError: LDAPError(0,'Error')
And I do have another doubt.我还有一个疑问。 Is the
username
and password
is same as the bind_username
and bind_password
? username
和password
是否与bind_username
和bind_password
相同?
My experience with LDAP didn't call for any view changes. 我使用LDAP的经验并没有要求任何视图更改。 I used the django-auth-ldap library which only required additional settings to use:
我使用了django-auth-ldap库,它只需要使用其他设置:
#-----------------------------------------------------------------------------#
#
# LDAP Settings
#
#-----------------------------------------------------------------------------#
AUTHENTICATION_BACKENDS += ('django_auth_ldap.backend.LDAPBackend',)
AUTH_LDAP_SERVER_URI = "ldaps://your.ldap.server"
AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=example,dc=com"
Using a bind login works as well with these additional settings: 使用绑定登录也可以使用以下附加设置:
import ldap
from django_auth_ldap.config import LDAPSearch
AUTH_LDAP_BIND_DN = "<user>"
AUTH_LDAP_BIND_PASSWORD = "<password>"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=users,dc=example,dc=com",ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
Normal Django login views work fine with this setup. 正常的Django登录视图可以正常使用此设置。
EDIT: I should add that one should confirm that LDAP is working via the command line on the server before trying with Django. 编辑:我应该补充一点,在尝试使用Django之前,应该通过服务器上的命令行确认LDAP正在运行。 This is what held me up at first.
这就是我最初的举动。
Make sure AUTH_LDAP_SERVER_URI should be hostname or IP address of AD. 确保AUTH_LDAP_SERVER_URI应该是AD的主机名或IP地址。 In django settings.py :
在django settings.py中:
AUTH_LDAP_SERVER_URI = "ldap://hostname or Ip address of active directory"
AUTH_LDAP_BIND_DN = "CN=sAMAccountName,CN=Users,DC=yourdomain,DC=com"
AUTH_LDAP_BIND_PASSWORD = *******
AUTH_LDAP_CONNECTION_OPTIONS = {
ldap.OPT_REFERRALS: 0,
}
AUTH_LDAP_USER_SEARCH = LDAPSearch('CN=Users,DC=yourdomain,DC=com',
ldap.SCOPE_SUBTREE, "userPrincipalName=%(user)s")
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend')
And views.py should be like this, 而views.py应该是这样的,
from django.contrib.auth import views as auth_views
from forms import ProjectRequestForm, ExAuthenticationForm
def login(request):
return auth_views.login(request, template_name='login.html', authentication_form=ExAuthenticationForm)
I would recommend to use the class based view. 我建议使用基于类的视图。 Also, you should assign
username
and password
with the input of the user. 此外,您应该使用
username
的输入分配username
和password
。
Also you should only use the authenticate()
function. 此外,您应该只使用
authenticate()
函数。
from django.contrib.auth import authenticate
class LoginView(FormView):
form_class = LoginForm
success_url = reverse_lazy('main')
template_name = 'module_name/login.html'
def form_valid(self, form):
username = form.cleaned_data['username']
password = form.cleaned_data['password']
user = authenticate(username=username, password=password)
if user is not None and user.is_active:
login(self.request, user)
return super(LoginView, self).form_valid(form)
else:
return self.form_invalid(form)
Use the default Django LoginView to start with.使用默认的 Django LoginView 开始。 It should work...
它应该工作...
def login(request):
return LoginView.as_view(template_name='login.html')(request)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.