堆栈内存溢出
  简体   繁体   English

Django-Ldap-身份验证

[英]Django-Ldap-Authentication

 原文  2017-01-19 10:07:42       python/ django/ python-2.7/ authentication/ ldap

问题描述

I am trying to authenticate the user with the LDAP server in django.我正在尝试使用 django 中的 LDAP 服务器对用户进行身份验证。

I have configured my settings.py as follows:我已经配置我的 settings.py 如下:

AUTH_LDAP_SERVER_URI = "ldap.forumsys.com"
AUTH_LDAP_BIND_DN = "cn=read-only-admin,dc=example,dc=com"
AUTH_LDAP_BIND_PASSWORD = "password"
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=example,dc=com",
    ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
AUTH_LDAP_START_TLS = True


AUTHENTICATION_BACKENDS = (
    'django_auth_ldap.backend.LDAPBackend',
    'django.contrib.auth.backends.ModelBackend',
    )

In my views i have tried to authenticate it with the LDAPBACKEND在我看来,我已尝试使用 LDAPBACKEND 对其进行身份验证

from django.http import HttpResponse
from django_auth_ldap.backend import LDAPBackend
from django.contrib.auth.models import User


from django.conf import settings


def login_user(request):

    state = ""

    username = settings.AUTH_LDAP_BIND_DN
    password = settings.AUTH_LDAP_BIND_PASSWORD

    auth = LDAPBackend()

    try:
        User = auth.authenticate(username=username,password=password) 
        if User is not None:
            state = "Valid"

        else:
            state = "Invalid"

    except LDAPError as e:
            state = "Error"

    return HttpResponse(state)

But i am getting an error as但我收到一个错误

LDAPError while authenticating cn=read-only-admin,dc=example,dc=com: LDAPError(0,'Error')验证 cn=read-only-admin,dc=example,dc=com 时的 LDAPError: LDAPError(0,'Error')

And I do have another doubt.我还有一个疑问。 Is the username and password is same as the bind_username and bind_password ? usernamepassword是否与bind_usernamebind_password相同?

4 个解决方案

解决方案1
 2  2017-01-20 21:18:45

My experience with LDAP didn't call for any view changes. 我使用LDAP的经验并没有要求任何视图更改。 I used the django-auth-ldap library which only required additional settings to use: 我使用了django-auth-ldap库,它只需要使用其他设置: 

#-----------------------------------------------------------------------------#
#
#   LDAP Settings
#
#-----------------------------------------------------------------------------#

AUTHENTICATION_BACKENDS += ('django_auth_ldap.backend.LDAPBackend',) 

AUTH_LDAP_SERVER_URI = "ldaps://your.ldap.server"

AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=example,dc=com"

Using a bind login works as well with these additional settings: 使用绑定登录也可以使用以下附加设置: 

import ldap
from django_auth_ldap.config import LDAPSearch

AUTH_LDAP_BIND_DN = "<user>"
AUTH_LDAP_BIND_PASSWORD = "<password>"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=users,dc=example,dc=com",ldap.SCOPE_SUBTREE, "(uid=%(user)s)")

Normal Django login views work fine with this setup. 正常的Django登录视图可以正常使用此设置。

EDIT: I should add that one should confirm that LDAP is working via the command line on the server before trying with Django. 编辑:我应该补充一点,在尝试使用Django之前,应该通过服务器上的命令行确认LDAP正在运行。 This is what held me up at first. 这就是我最初的举动。

解决方案2
 1  2017-05-18 07:17:08

Make sure AUTH_LDAP_SERVER_URI should be hostname or IP address of AD. 确保AUTH_LDAP_SERVER_URI应该是AD的主机名或IP地址。 In django settings.py : 在django settings.py中: 

AUTH_LDAP_SERVER_URI = "ldap://hostname or Ip address of active directory"
AUTH_LDAP_BIND_DN = "CN=sAMAccountName,CN=Users,DC=yourdomain,DC=com"
AUTH_LDAP_BIND_PASSWORD = *******
AUTH_LDAP_CONNECTION_OPTIONS = {
    ldap.OPT_REFERRALS: 0,
}
AUTH_LDAP_USER_SEARCH = LDAPSearch('CN=Users,DC=yourdomain,DC=com', 
ldap.SCOPE_SUBTREE, "userPrincipalName=%(user)s")

AUTHENTICATION_BACKENDS = (
    'django_auth_ldap.backend.LDAPBackend',
    'django.contrib.auth.backends.ModelBackend')

And views.py should be like this, 而views.py应该是这样的, 

from django.contrib.auth import views as auth_views
from forms import ProjectRequestForm, ExAuthenticationForm

def login(request):
    return auth_views.login(request, template_name='login.html', authentication_form=ExAuthenticationForm)

解决方案3
 0  2017-01-19 10:34:59

I would recommend to use the class based view. 我建议使用基于类的视图。 Also, you should assign username and password with the input of the user. 此外,您应该使用username的输入分配usernamepassword

Also you should only use the authenticate() function. 此外,您应该只使用authenticate()函数。 

from django.contrib.auth import authenticate

class LoginView(FormView):
    form_class = LoginForm
    success_url = reverse_lazy('main')
    template_name = 'module_name/login.html'

    def form_valid(self, form):
        username = form.cleaned_data['username']
        password = form.cleaned_data['password']
        user = authenticate(username=username, password=password)

        if user is not None and user.is_active:
            login(self.request, user)
                return super(LoginView, self).form_valid(form)
        else:
            return self.form_invalid(form)

解决方案4
 0  2022-03-08 21:05:00

Use the default Django LoginView to start with.使用默认的 Django LoginView 开始。 It should work...它应该工作...

def login(request):
    return LoginView.as_view(template_name='login.html')(request)

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Django Python-Ldap身份验证 - Django Python - Ldap Authentication 使用django REST进行LDAP身份验证 - LDAP authentication with django REST Django身份验证LDAP - Django Authentication LDAP 生产中的Django LDAP认证 - Django LDAP Authentication in Production LDAP 使用 django 进行身份验证 - LDAP authentication using django 使用Django进行LDAP身份验证 - LDAP authentication with Django ldap3认证django应用 - authentication django app with ldap3 了解 Django-LDAP 身份验证 - Understanding Django-LDAP authentication Django Ldap身份验证超时 - Django Ldap authentication timed out django 通过 LDAP 进行用户身份验证 - django User authentication via LDAP
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM