Django LDAP authentication backend
Project description
This is a Django authentication backend that authenticates against an LDAP service. Configuration can be as simple as a single distinguished name template, but there are many rich configuration options for working with users, groups, and permissions.
This version is supported on Python 2.7 and 3.4+; and Django 1.8 and 1.10+. Under Python 2, it requires python-ldap >= 2.0; under Python 3, it uses pyldap.
Repository: https://bitbucket.org/illocution/django-auth-ldap
Documentation: https://django-auth-ldap.readthedocs.io/
Mailing list: https://groups.google.com/group/django-auth-ldap
Following is an example configuration, just to whet your appetite:
import ldap from django_auth_ldap.config import LDAPSearch, GroupOfNamesType # Baseline configuration. AUTH_LDAP_SERVER_URI = "ldap://ldap.example.com" AUTH_LDAP_BIND_DN = "cn=django-agent,dc=example,dc=com" AUTH_LDAP_BIND_PASSWORD = "phlebotinum" AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=users,dc=example,dc=com", ldap.SCOPE_SUBTREE, "(uid=%(user)s)") # or perhaps: # AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=example,dc=com" # Set up the basic group parameters. AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=django,ou=groups,dc=example,dc=com", ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)" ) AUTH_LDAP_GROUP_TYPE = GroupOfNamesType() # Simple group restrictions AUTH_LDAP_REQUIRE_GROUP = "cn=enabled,ou=django,ou=groups,dc=example,dc=com" AUTH_LDAP_DENY_GROUP = "cn=disabled,ou=django,ou=groups,dc=example,dc=com" # Populate the Django user from the LDAP directory. AUTH_LDAP_USER_ATTR_MAP = { "first_name": "givenName", "last_name": "sn", "email": "mail" } AUTH_LDAP_USER_FLAGS_BY_GROUP = { "is_active": "cn=active,ou=django,ou=groups,dc=example,dc=com", "is_staff": "cn=staff,ou=django,ou=groups,dc=example,dc=com", "is_superuser": "cn=superuser,ou=django,ou=groups,dc=example,dc=com" } # Use LDAP group membership to calculate group permissions. AUTH_LDAP_FIND_GROUP_PERMS = True # Cache group memberships for an hour to minimize LDAP traffic AUTH_LDAP_CACHE_GROUPS = True AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600 # Keep ModelBackend around for per-user permissions and maybe a local # superuser. AUTHENTICATION_BACKENDS = ( 'django_auth_ldap.backend.LDAPBackend', 'django.contrib.auth.backends.ModelBackend', )
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distributions
Hashes for django_auth_ldap-1.3.0b2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 369d5ac8f31add94c1f1cc80fc9494c4a77218e9df8bfab20b8069ac32d5856e |
|
MD5 | 823aa8217ce998a96e0b5ca463f5926f |
|
BLAKE2b-256 | 19bc1dc531836ad6f9dfd8ee097dc09e77b93cad70a4559e2506866ca1efd9ef |
Hashes for django_auth_ldap-1.3.0b2-py2-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 32f553605e1cf61f118ccacca5134bdcab181b10e0cba565f8d7c36d74f67e8f |
|
MD5 | b6ac6e583856e9539d1f8bb11d4ef60c |
|
BLAKE2b-256 | c2deaca5f6ee48d913cb84769bd0e7a36b679af276517b11cd677f472fc83d22 |