Django LDAP authentication backend
Project description
This is a Django authentication backend that authenticates against an LDAP service. Configuration can be as simple as a single distinguished name template, but there are many rich configuration options for working with users, groups, and permissions.
This version is supported on Python 2.7, 3.3, 3.4, 3.5, and 3.6; and Django >= 1.5. Under Python 2, it requires python-ldap >= 2.0; under Python 3, it uses pyldap.
Repository: https://bitbucket.org/illocution/django-auth-ldap
Documentation: https://django-auth-ldap.readthedocs.io/
Mailing list: https://groups.google.com/group/django-auth-ldap
Following is an example configuration, just to whet your appetite:
import ldap from django_auth_ldap.config import LDAPSearch, GroupOfNamesType # Baseline configuration. AUTH_LDAP_SERVER_URI = "ldap://ldap.example.com" AUTH_LDAP_BIND_DN = "cn=django-agent,dc=example,dc=com" AUTH_LDAP_BIND_PASSWORD = "phlebotinum" AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=users,dc=example,dc=com", ldap.SCOPE_SUBTREE, "(uid=%(user)s)") # or perhaps: # AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=example,dc=com" # Set up the basic group parameters. AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=django,ou=groups,dc=example,dc=com", ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)" ) AUTH_LDAP_GROUP_TYPE = GroupOfNamesType() # Simple group restrictions AUTH_LDAP_REQUIRE_GROUP = "cn=enabled,ou=django,ou=groups,dc=example,dc=com" AUTH_LDAP_DENY_GROUP = "cn=disabled,ou=django,ou=groups,dc=example,dc=com" # Populate the Django user from the LDAP directory. AUTH_LDAP_USER_ATTR_MAP = { "first_name": "givenName", "last_name": "sn", "email": "mail" } AUTH_LDAP_USER_FLAGS_BY_GROUP = { "is_active": "cn=active,ou=django,ou=groups,dc=example,dc=com", "is_staff": "cn=staff,ou=django,ou=groups,dc=example,dc=com", "is_superuser": "cn=superuser,ou=django,ou=groups,dc=example,dc=com" } # Use LDAP group membership to calculate group permissions. AUTH_LDAP_FIND_GROUP_PERMS = True # Cache group memberships for an hour to minimize LDAP traffic AUTH_LDAP_CACHE_GROUPS = True AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600 # Keep ModelBackend around for per-user permissions and maybe a local # superuser. AUTHENTICATION_BACKENDS = ( 'django_auth_ldap.backend.LDAPBackend', 'django.contrib.auth.backends.ModelBackend', )
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distributions
Hashes for django_auth_ldap-1.2.17-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | e37d565dcec3db5cb4abeffab34fe774e55c60a5055bb5c5aa1f818c5c419b66 |
|
MD5 | 597bd7e646d2e02e9becbf6471126d40 |
|
BLAKE2b-256 | 61a0c2ede905d2e0d1268f67aa0a62386f72976431a2229e8dab6acd55163bab |
Hashes for django_auth_ldap-1.2.17-py2-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0d9a27843f9e630c60d7e7ccef51cb1fe313c737056b9cb0be89b1e1e9b53705 |
|
MD5 | 69728315b05130948dd5b4eebaa0bb69 |
|
BLAKE2b-256 | f83a0ac30e1cfdbe82d969691e56c01b266cf1b081df10efc3e1c9382ba371de |