[英]How to authenticate LDAP properly?
I am working on a project that must use LDAP authentication. 我正在研究一个必须使用LDAP身份验证的项目。 I am using the server at ldap.forumsys.com after finding the link on Stack Overflow to practice before adding to my Flask application. 在添加到Flask应用程序之前,在Stack Overflow上找到要练习的链接后,我正在ldap.forumsys.com上使用服务器。
If I run the ldapsearch bash command inside of my python code I get a whole bunch of usernames (Tesla etc...) and their associated data (there are no password hashes though). 如果我在python代码中运行ldapsearch bash命令,则会得到一堆用户名(Tesla等...)及其关联数据(尽管没有密码哈希)。 I am able to extract the usernames/user-data as shown here: 我能够提取用户名/用户数据,如下所示:
username = request.form['username']
password = request.form['password']
cmd = "ldapsearch -h ldap.forumsys.com -D cn=read-only-admin,dc=example,dc=com -w" + os.environ['LDAP_PWD'] + " -b dc=example,dc=com"
ldap_query = os.popen(cmd).read()
user_str = re.sub("\n", "", ldap_query)
users = user_str.split("#")
user_data = ""
for line in users:
if username in line:
user_data = line
break
But then I realized that I LDAP is not the same as a database. 但是后来我意识到我的LDAP与数据库不同。 I was hoping to find password hashes that I could use to authenticate a user's login information. 我希望找到可以用于验证用户登录信息的密码哈希。
So then I tried the python-ldap3 module: 因此,我尝试了python-ldap3模块:
>>> conn = Connection(server, 'uid=tesla,dc=example,dc=com', 'password', auto_bind=True)
>>> conn.bound
True
>>> conn.entries
[]
Unfortunately I can't seem to get any data returned in the list after calling conn.entries. 不幸的是,调用conn.entries之后,我似乎无法在列表中返回任何数据。
I can see that the ldap3 module binded the connection. 我可以看到ldap3模块绑定了该连接。 Does the ldapsearch command bind as well? ldapsearch命令是否也绑定? If there are no password hashes, how should I authenticate the username/password entered by the user on the client side? 如果没有密码哈希,我应该如何验证用户在客户端输入的用户名/密码?
Thank you all very much. 非常感谢大家。
If the statement... 如果说...
conn.bound == True
Then the connection has been authenticated via LDAP 然后,连接已通过LDAP进行了身份验证
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.