django-auth-ldap

Django LDAP authentication backend

Project description

This is a Django authentication backend that authenticates against an LDAP service. Configuration can be as simple as a single distinguished name template, but there are many rich configuration options for working with users, groups, and permissions.

This version is supported on Python 2.7 and 3.4+; and Django 1.11+. It requires python-ldap >= 3.0.

Repository: https://github.com/django-auth-ldap/django-auth-ldap
Documentation: https://django-auth-ldap.readthedocs.io/

Following is an example configuration, just to whet your appetite:

import ldap
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType


# Baseline configuration.
AUTH_LDAP_SERVER_URI = "ldap://ldap.example.com"

AUTH_LDAP_BIND_DN = "cn=django-agent,dc=example,dc=com"
AUTH_LDAP_BIND_PASSWORD = "phlebotinum"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=users,dc=example,dc=com",
    ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
# or perhaps:
# AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=example,dc=com"

# Set up the basic group parameters.
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=django,ou=groups,dc=example,dc=com",
    ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
)
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType()

# Simple group restrictions
AUTH_LDAP_REQUIRE_GROUP = "cn=enabled,ou=django,ou=groups,dc=example,dc=com"
AUTH_LDAP_DENY_GROUP = "cn=disabled,ou=django,ou=groups,dc=example,dc=com"

# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
    "first_name": "givenName",
    "last_name": "sn",
    "email": "mail"
}

AUTH_LDAP_USER_FLAGS_BY_GROUP = {
    "is_active": "cn=active,ou=django,ou=groups,dc=example,dc=com",
    "is_staff": "cn=staff,ou=django,ou=groups,dc=example,dc=com",
    "is_superuser": "cn=superuser,ou=django,ou=groups,dc=example,dc=com"
}

# Use LDAP group membership to calculate group permissions.
AUTH_LDAP_FIND_GROUP_PERMS = True

# Cache distinguised names and group memberships for an hour to minimize
# LDAP traffic.
AUTH_LDAP_CACHE_TIMEOUT = 3600

# Keep ModelBackend around for per-user permissions and maybe a local
# superuser.
AUTHENTICATION_BACKENDS = (
    'django_auth_ldap.backend.LDAPBackend',
    'django.contrib.auth.backends.ModelBackend',
)

Project details

Release history Release notifications

This version

Jun 2, 2018

Jun 2, 2018

Apr 19, 2018

Mar 22, 2018

Nov 20, 2017

Oct 15, 2017

Sep 26, 2017

Sep 11, 2017

Jan 7, 2018

Sep 30, 2017

Aug 17, 2017

Jul 24, 2017

Jul 21, 2017

Jun 19, 2017

May 20, 2017

Apr 22, 2017

Mar 7, 2017

Feb 15, 2017

Apr 18, 2016

Sep 29, 2015

Mar 29, 2015

Jan 30, 2015

Dec 28, 2014

Nov 18, 2014

Sep 22, 2014

Aug 24, 2014

Apr 10, 2014

Feb 1, 2014

Nov 19, 2013

Nov 10, 2013

Oct 26, 2013

Mar 9, 2013

Jan 6, 2013

Aug 30, 2012

Jul 8, 2012

May 7, 2012

Mar 25, 2012

Mar 15, 2012

Mar 5, 2012

Mar 5, 2012

Feb 4, 2012

Dec 29, 2011

Dec 15, 2011

Sep 29, 2011

Aug 28, 2011

Jun 23, 2011

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help	File type	Python version	Upload date
django_auth_ldap-1.6.1-py2.py3-none-any.whl (21.4 kB) Copy SHA256 hash SHA256	Wheel	py2.py3	Jun 2, 2018
django-auth-ldap-1.6.1.tar.gz (46.5 kB) Copy SHA256 hash SHA256	Source	None	Jun 2, 2018