Show More
@@ -604,19 +604,19 b' class AuthLdapBase(object):' | |||
|
604 | 604 | if not full_resolve: |
|
605 | 605 | return '{}:{}'.format(host, port) |
|
606 | 606 | |
|
607 | log.debug('LDAP: Resolving IP for LDAP host %s', host) | |
|
607 | log.debug('LDAP: Resolving IP for LDAP host `%s`', host) | |
|
608 | 608 | try: |
|
609 | 609 | ip = socket.gethostbyname(host) |
|
610 |
log.debug('Got LDAP |
|
|
610 | log.debug('LDAP: Got LDAP host `%s` ip %s', host, ip) | |
|
611 | 611 | except Exception: |
|
612 | raise LdapConnectionError( | |
|
613 | 'Failed to resolve host: `{}`'.format(host)) | |
|
612 | raise LdapConnectionError('Failed to resolve host: `{}`'.format(host)) | |
|
614 | 613 | |
|
615 | 614 | log.debug('LDAP: Checking if IP %s is accessible', ip) |
|
616 | 615 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
|
617 | 616 | try: |
|
618 | 617 | s.connect((ip, int(port))) |
|
619 | 618 | s.shutdown(socket.SHUT_RD) |
|
619 | log.debug('LDAP: connection to %s successful', ip) | |
|
620 | 620 | except Exception: |
|
621 | 621 | raise LdapConnectionError( |
|
622 | 622 | 'Failed to connect to host: `{}:{}`'.format(host, port)) |
@@ -145,16 +145,16 b' class AuthLdap(AuthLdapBase):' | |||
|
145 | 145 | log.debug('Trying simple_bind with password and given login DN: %r', |
|
146 | 146 | self.LDAP_BIND_DN) |
|
147 | 147 | ldap_conn.simple_bind_s(self.LDAP_BIND_DN, self.LDAP_BIND_PASS) |
|
148 | ||
|
148 | log.debug('simple_bind successful') | |
|
149 | 149 | return ldap_conn |
|
150 | 150 | |
|
151 | 151 | def fetch_attrs_from_simple_bind(self, server, dn, username, password): |
|
152 | 152 | try: |
|
153 | 153 | log.debug('Trying simple bind with %r', dn) |
|
154 | 154 | server.simple_bind_s(dn, safe_str(password)) |
|
155 |
|
|
|
155 | _dn, attrs = server.search_ext_s( | |
|
156 | 156 | dn, ldap.SCOPE_BASE, '(objectClass=*)', )[0] |
|
157 | _, attrs = user | |
|
157 | ||
|
158 | 158 | return attrs |
|
159 | 159 | |
|
160 | 160 | except ldap.INVALID_CREDENTIALS: |
@@ -272,7 +272,7 b' class LdapSettingsSchema(AuthnPluginSett' | |||
|
272 | 272 | 'uid=root,cn=users,dc=mydomain,dc=com, or admin@mydomain.com'), |
|
273 | 273 | missing='', |
|
274 | 274 | preparer=strip_whitespace, |
|
275 |
title=_(' |
|
|
275 | title=_('Bind account'), | |
|
276 | 276 | widget='string') |
|
277 | 277 | dn_pass = colander.SchemaNode( |
|
278 | 278 | colander.String(), |
@@ -280,7 +280,7 b' class LdapSettingsSchema(AuthnPluginSett' | |||
|
280 | 280 | description=_('Password to authenticate for given user DN.'), |
|
281 | 281 | missing='', |
|
282 | 282 | preparer=strip_whitespace, |
|
283 |
title=_(' |
|
|
283 | title=_('Bind account password'), | |
|
284 | 284 | widget='password') |
|
285 | 285 | tls_kind = colander.SchemaNode( |
|
286 | 286 | colander.String(), |
@@ -318,7 +318,7 b' class LdapSettingsSchema(AuthnPluginSett' | |||
|
318 | 318 | colander.String(), |
|
319 | 319 | default='', |
|
320 | 320 | description=_('Base DN to search. Dynamic bind is supported. Add `$login` marker ' |
|
321 |
'in it to be replaced with current user |
|
|
321 | 'in it to be replaced with current user username \n' | |
|
322 | 322 | '(e.g., dc=mydomain,dc=com, or ou=Users,dc=mydomain,dc=com)'), |
|
323 | 323 | missing='', |
|
324 | 324 | preparer=strip_whitespace, |
General Comments 0
You need to be logged in to leave comments.
Login now