| 1 |
AUTHENTICATION_BACKENDS = ( |
| 2 |
'custom_backend.ForceUidLDAPBackend', |
| 3 |
'django.contrib.auth.backends.ModelBackend', |
| 4 |
) |
| 5 |
|
| 6 |
# Use LDAP group membership to calculate group permissions. |
| 7 |
AUTH_LDAP_FIND_GROUP_PERMS = True |
| 8 |
|
| 9 |
AUTH_LDAP_START_TLS = True |
| 10 |
|
| 11 |
# Cache group memberships for an hour to minimize LDAP traffic |
| 12 |
AUTH_LDAP_CACHE_GROUPS = True |
| 13 |
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600 |
| 14 |
|
| 15 |
import ldap |
| 16 |
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType |
| 17 |
|
| 18 |
|
| 19 |
# Baseline configuration. |
| 20 |
AUTH_LDAP_SERVER_URI = "ldap://ldap.<%= domain %>" |
| 21 |
|
| 22 |
AUTH_LDAP_BIND_DN = "cn=transifex-alamut,ou=System Accounts,<%= dc_suffix %>" |
| 23 |
AUTH_LDAP_BIND_PASSWORD = "<%= ldap_password %>" |
| 24 |
|
| 25 |
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=People,<%= dc_suffix %> ", |
| 26 |
ldap.SCOPE_SUBTREE, "(|(uid=%(user)s)(mail=%(user)s))") |
| 27 |
|
| 28 |
# Set up the basic group parameters. |
| 29 |
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=Group,<%= dc_suffix %>", |
| 30 |
ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)" |
| 31 |
) |
| 32 |
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType(name_attr="cn") |
| 33 |
|
| 34 |
# Only users in this group can log in. |
| 35 |
#AUTH_LDAP_REQUIRE_GROUP = "cn=enabled,ou=groups,dc=example,dc=com" |
| 36 |
|
| 37 |
# Populate the Django user from the LDAP directory. |
| 38 |
AUTH_LDAP_USER_ATTR_MAP = { |
| 39 |
"first_name": "givenName", |
| 40 |
"last_name": "sn", |
| 41 |
"email": "mail" |
| 42 |
} |
| 43 |
|
| 44 |
AUTH_LDAP_USER_FLAGS_BY_GROUP = { |
| 45 |
"is_active": "cn=mga-committers,ou=Group,<%= dc_suffix %>", |
| 46 |
"is_staff": "cn=mga-sysadmin,ou=Group,<%= dc_suffix %>", |
| 47 |
"is_superuser": "cn=mga-sysadmin,ou=Group,<%= dc_suffix %>" |
| 48 |
} |
Parent Directory
| 
Revision Log