Django LDAP authentication backend
Project description
This is a Django authentication backend that authenticates against an LDAP service. Configuration can be as simple as a single distinguished name template, but there are many rich configuration options for working with users, groups, and permissions.
This version is supported on Python 2.6, 2.7, 3.4 and 3.5; and Django >= 1.7. Under Python 2, it requires python-ldap >= 2.0; under Python 3, it uses pyldap.
Full documentation can be found at http://pythonhosted.org/django-auth-ldap/; following is an example configuration, just to whet your appetite:
import ldap
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
# Specify User Profile Model if profile needs to be populated (Optional)
AUTH_PROFILE_MODULE = 'account.UserProfile'
# Baseline configuration.
AUTH_LDAP_SERVER_URI = "ldap://ldap.example.com"
AUTH_LDAP_BIND_DN = "cn=django-agent,dc=example,dc=com"
AUTH_LDAP_BIND_PASSWORD = "phlebotinum"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=users,dc=example,dc=com",
ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
# or perhaps:
# AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=example,dc=com"
# Set up the basic group parameters.
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=django,ou=groups,dc=example,dc=com",
ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
)
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType()
# Simple group restrictions
AUTH_LDAP_REQUIRE_GROUP = "cn=enabled,ou=django,ou=groups,dc=example,dc=com"
AUTH_LDAP_DENY_GROUP = "cn=disabled,ou=django,ou=groups,dc=example,dc=com"
# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}
AUTH_LDAP_USER_FLAGS_BY_GROUP = {
"is_active": "cn=active,ou=django,ou=groups,dc=example,dc=com",
"is_staff": "cn=staff,ou=django,ou=groups,dc=example,dc=com",
"is_superuser": "cn=superuser,ou=django,ou=groups,dc=example,dc=com"
}
# Populate user profil model from LDAP Directory
AUTH_LDAP_PROFILE_ATTR_MAP = {
'description': 'description',
'type': 'employeeType',
}
# Populate profile fields by matching if regex matches the user DN
AUTH_LDAP_PROFILE_FLAGS_BY_DN_REGEX = {
"is_awesome": r"ou=awesome,ou=people,dc=example,dc=com",
"is_teacher": r"ou=faculty,dc=example,dc=com",
}
# Use LDAP group membership to calculate group permissions.
AUTH_LDAP_FIND_GROUP_PERMS = True
# Cache group memberships for an hour to minimize LDAP traffic
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
# Keep ModelBackend around for per-user permissions and maybe a local
# superuser.
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
django-auth-ldap-ng-1.7.0.tar.gz
(137.3 kB
view details)
File details
Details for the file django-auth-ldap-ng-1.7.0.tar.gz.
File metadata
- Download URL: django-auth-ldap-ng-1.7.0.tar.gz
- Upload date:
- Size: 137.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d51d42b7388662e24d37797ad53520d54b60cb1630d426a4d14b4c5a6278023d |
|
| MD5 | a79a2164196316c7b664f8cffe917cef |
|
| BLAKE2b-256 | 47bd2a7d7f942d146837305793d3f88510117f8b550df40acbb5433bb8874ab6 |
