Django LDAP authentication backend
Project description
This is a Django authentication backend that authenticates against an LDAP service. Configuration can be as simple as a single distinguished name template, but there are many rich configuration options for working with users, groups, and permissions.
This version is supported on Python 2.7 and 3.4+; and Django 1.8 and 1.10+. Under Python 2, it requires python-ldap >= 2.0; under Python 3, it uses pyldap.
Repository: https://bitbucket.org/illocution/django-auth-ldap
Documentation: https://django-auth-ldap.readthedocs.io/
Mailing list: https://groups.google.com/group/django-auth-ldap
Following is an example configuration, just to whet your appetite:
import ldap from django_auth_ldap.config import LDAPSearch, GroupOfNamesType # Baseline configuration. AUTH_LDAP_SERVER_URI = "ldap://ldap.example.com" AUTH_LDAP_BIND_DN = "cn=django-agent,dc=example,dc=com" AUTH_LDAP_BIND_PASSWORD = "phlebotinum" AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=users,dc=example,dc=com", ldap.SCOPE_SUBTREE, "(uid=%(user)s)") # or perhaps: # AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=example,dc=com" # Set up the basic group parameters. AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=django,ou=groups,dc=example,dc=com", ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)" ) AUTH_LDAP_GROUP_TYPE = GroupOfNamesType() # Simple group restrictions AUTH_LDAP_REQUIRE_GROUP = "cn=enabled,ou=django,ou=groups,dc=example,dc=com" AUTH_LDAP_DENY_GROUP = "cn=disabled,ou=django,ou=groups,dc=example,dc=com" # Populate the Django user from the LDAP directory. AUTH_LDAP_USER_ATTR_MAP = { "first_name": "givenName", "last_name": "sn", "email": "mail" } AUTH_LDAP_USER_FLAGS_BY_GROUP = { "is_active": "cn=active,ou=django,ou=groups,dc=example,dc=com", "is_staff": "cn=staff,ou=django,ou=groups,dc=example,dc=com", "is_superuser": "cn=superuser,ou=django,ou=groups,dc=example,dc=com" } # Use LDAP group membership to calculate group permissions. AUTH_LDAP_FIND_GROUP_PERMS = True # Cache group memberships for an hour to minimize LDAP traffic AUTH_LDAP_CACHE_GROUPS = True AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600 # Keep ModelBackend around for per-user permissions and maybe a local # superuser. AUTHENTICATION_BACKENDS = ( 'django_auth_ldap.backend.LDAPBackend', 'django.contrib.auth.backends.ModelBackend', )
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distributions
Hashes for django_auth_ldap-1.3.0b1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 5dc13b3042601a1efe744ba803f318da9e79450fdfa79429b5c2242996f2bbfa |
|
MD5 | ffa9e0cc9b430046594d1b8231a912a5 |
|
BLAKE2b-256 | 4b00829e3411657db3af78f1a8a9088a872b6208264bda52f323cb452e314e43 |
Hashes for django_auth_ldap-1.3.0b1-py2-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | aa761346f5c59dec5a00f2b13d0501ac855f07784c7581d49451ca5e8e6e56b4 |
|
MD5 | aab0276f69ee1e8bde7622ee247f39a9 |
|
BLAKE2b-256 | c33f90af7114efdb880eb03961c145fdc9e365deb4f0ae384baae7f9093aeec2 |