Hello continuing on the question posted OSQA & LDAP Authentication first I tried to create a module suggested by Hernani Cerqueira that inherits from forum.authentication.base.AuthenticationConsume but then after struggling with django (I was unable to create a simple "login box") I gave up and decided to to use the code by Russell Ballestrini slightly modified in localauth (decided to make use of the pretty login box already there) but I'm getting 500's (I believe it is expecting a "user" instead of whatever l.search_s() returns.) I am a total newbie to this, could somebody explain me what module calls LocalAuthConsumer (so I can figure out how to implement ldapauth)? If not that maybe the basics of how modules get used by the website?
Any pointer in the right direction is greatly appreciated!
Thanks for you time!
This is a VERY simplistic ldap authentication module it is suitable for internal use in a organization. This overwrites authentication.py (in localauth) so you can use the login "local user login" box as you ldap login! Thank you so much Hernani for the help =DDD
Hey segfault, the process_authentication_request method must return either a full user object or some string that can be used as a key to associate a user to a certain login method.
You have to consider a couple of things, will LDAP be your only authentication provider. Do you want your users to skip the registration part (when they are prompted for a username) when they visit the site for the first time using the LDAP authentication?
After answering this, your implementation may vary a little, then if the code is not to big, just edit your question and post your code and I'll be glad to help you finish that out.
answered 01 Jun '10, 19:53
Hernani Cerq... ♦♦
Guys, first of all congratulations and thanks for your comments on this topic. I got a demand to integrate a testing instance of OSQA to LDAP, and I found here very good materials to work with.
I just would like to share some changes I did in the original code posted by @segfault. The reason for the chances is that all the records of employees in our LDAP is spread across a lot of branches and leafs of the LDAP tree. So, I had to add an additional step to query the user registry's full path. I also fixed a missing import in the original code.
Hope this topic keep helping people out there.
PS: Apologize me for my smelly python code and misused LDAP terms. I'm not a python programmer and just took contact with LDAP some hours ago...
answered 20 Jun '12, 17:26
I had to change this a little bit for my LDAP setup:
Took a while to figure out, but now it's working perfectly!
answered 16 Jul '10, 14:47
I had to add in con.set_option(ldap.OPT_REFERRALS, 0) to get it to work with the active directory ldap at work, due to it having multiple domain controllers.
answered 03 Aug '10, 02:38
Kedar: The local login dissapeared for me when I hadn't installed the python-ldap package. Also to disable the external login capabilities you can disable them on the module level (think its in local_settings.py)
answered 10 Aug '10, 04:47
A bit more context for people who jump into adding LDAP support, as I did this week.
Authentication is done by modules in the "forum_modules" subdirectory. There are modules for authenticating via Facebook, via OpenID, via a local username/password account, and so on. All of these modules, except those listed in the DISABLED_MODULES settings, are imported during startup by code in forum/modules/__init__.py . This is how OSQA allows plugins.
What @segfault wrote is a modification of the "localauth" package. I tried that but found it a bit more complicated to understand because it has to let people be able to create new accounts. Take a look also at the facebookauth system to see a more minimal system.
In ldapauth/ you of course need the the __init__.py so the module can be imported. You'll need an authentication.py which contains "
Do notice that the localauth does a
The ConsumerTemplateContext says where and how to display the authentication information, eg, as a BIGICON like Facebook or STACK_ITEM like localauth. For LDAP I chose STACK_ITEM. I also tell it a form name which contains the HTML to insert for asking for the username/password.
(Some people may need to add domain, but as we have only one, I didn't worry about it.)
All in all, it wasn't that hard. The biggest problems were 1) finding out that the authentication was done through extension modules and 2) that OSQA isn't using Django's authentication system.
answered 26 Nov '10, 15:24
I have the bitnami osqa setup on Ubuntu 12.04.
Is this the right file/path to be editing? I have other authentication.py files found. Just want to make sure.
Also, is this a simple copy and paste into this file with all my server config info?
answered 28 Mar, 14:00
Guys - Some help needed
I am trying to use this ldap login (Microsoft ADS integration). When I use the above code in the authentication.py file, the local login section disappears from the page.I only see external login capabilities.
Also I want to make the external login capabilities to disappear. Do you know where the login page template is stored?
Environment: Ubuntu 10.04, OSQA downloaded on 4th Augus from the SVN. MY SQL 5.1
Best Regards Kedar E:firstname.lastname@example.org
answered 06 Aug '10, 00:44