- Joined
- Jan 24, 2006
- Location
- South Dakota
I have gotten the authentication to AD working just fine. The problem is, I want to start doing work with groups. However, everything I have tried (that I found on the interwebs) doesnt seem to work for me. Ideally I would like to able to take a certain action if the user is apart of the "linux" group.
Here is login/views.py
and the settings.py
Here is login/views.py
Code:
from django.shortcuts import render_to_response
from django.http import HttpResponseRedirect
from django.contrib import auth
from django.core.context_processors import csrf
from django.contrib.auth.forms import UserCreationForm
from django.template import RequestContext
from django import template
from django.contrib.auth.models import Group, User
register = template.Library()
@register.filter(name='has_group')
def login(request):
if not request.user.is_authenticated():
c = {}
c.update((csrf(request)))
return render_to_response('login.html', c, context_instance=RequestContext(request))
else:
return render_to_response('loggedin.html')
def auth_view(request):
username = request.POST['username'],
password = request.POST['password'],
user = auth.authenticate(username=username[0], password=password[0])
print username[0]
print password[0]
if user is not None:
auth.login(request, user)
return HttpResponseRedirect('/upload/')
else:
return HttpResponseRedirect('/accounts/invalid')
def loggedin(request):
return render_to_response('loggedin.html', {'full_name': request.user.username})
def invalid_login(request):
return render_to_response('invalid_login.html')
def logout(request):
auth.logout(request)
return render_to_response('login.html')
and the settings.py
Code:
import ldap
import os
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)
AUTH_LDAP_SERVER_URI = 'ldap://xxx.xxx.xxx.xxx'
AUTH_LDAP_FIND_GROUP_PERMS = True
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 300
AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True
AUTH_LDAP_BIND_DN = 'CN=LDAP User,CN=Users,DC=xxx,DC=xxx,DC=net'
AUTH_LDAP_BIND_PASSWORD = 'xxxx'
AUTH_LDAP_USER_SEARCH = LDAPSearch('dc=xxx,dc=xxx,dc=net', ldap.SCOPE_SUBTREE, '(sAMAccountName=%(user)s)',)
AUTH_LDAP_GROUP_SEARCH = LDAPSearch('dc=xxx,dc=xxx,dc=net', ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)")
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType()
# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
'first_name': 'givenName',
'last_name': 'sn',
'email': 'mail'
}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
AUTH_LDAP_FIND_GROUP_PERMS = True
# Cache group memberships for 5 minutes to reduce LDAP traffic
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 300
AUTH_LDAP_GLOBAL_OPTIONS = {
ldap.OPT_X_TLS_REQUIRE_CERT: False,
ldap.OPT_REFERRALS: False,
}
[code]
I have tried working with the groupOfNames option in the ldap search as well as other stuff. I can't seem to get this to work. Can anyone nudge me in the right direction?
This test machine is not bound to AD, but the login works fine