Changes between Version 17 and Version 18 of MultipleAuthBackends


Ignore:
Timestamp:
02/19/08 10:14:10 (7 years ago)
Author:
guettli
Comment:

remove outdated information, added link to LDAP Auth Backend

Legend:

Unmodified
Added
Removed
Modified
  • MultipleAuthBackends

    v17 v18  
    66http://code.djangoproject.com/browser/django/trunk/docs/authentication.txt
    77
    8 ----
    9 
    10 Start: Added by a relative newbie on May 12, 2006
    11 
    12 Note: In the multi-auth branch (2892), you need to set AUTHENTICATION_BACKENDS to a tuple, similar to MULTIAUTH_BACKENDS above.  the {{{authenticate}}} method looks for this setting in your settings.py file.  I have it working and all I have is:
    13 
    14 {{{
    15 #!python
    16 
    17 AUTHENTICATION_BACKENDS = (
    18     "django.contrib.auth.copy_of_backends.LDAPBackend",
    19 )
    20 }}}
    21 
    22 I made a copy of contrib.auth.backends so the svn can update it without overwriting my LDAPBackend class.  Don't know if that is the best way to do it or not, but it works.
    23 
    24 ''I recommend you put it someplace like {{{myapp.auth.LDAPBackend}}}. Maintianing patches to Django is going to be a PITA. --Joseph Kocherhans''
    25 
    26 I also hacked the contrib.auth.models file to change the check_password function to check against our LDAP server, and added a few small functions to check the type of user account.  I know this will break next time I update the source, but I have a copy of that as well.  There is surely a better way, but I'm still learning.
    27 
    28 ''You shouldn't have to hack the {{{check_password}}} function at all. It isn't called directly by Django's views anymore... only indirectly via {{{django.contrib.auth.backends.ModelBacked}}}, which you aren't using. -Joseph Kocherhans''
    29 
    30 End of newbie addition
    31 
    32 ----
    338
    349=== sample LDAPBackend class ===
    3510
    36 From the same newbie as above on May 12, 2006
    37 
    38 This is located in the contrib/auth/copy_of_backends.py file.  The two original models are still in the file as well.  I just added this one in the middle.
    39 
    40 {{{
    41 #!python
    42 
    43 class LDAPBackend:
    44     """
    45     Authenticate against our LDAP Database
    46     """
    47     def authenticate(self, username=None, password=None):
    48         # bind and see if the user exists
    49         if ldap.userExists(username):
    50             # user exists in our LDAP, see if they exist in Django
    51             # if not, add them to django's user database since django relies on that
    52             try:
    53                 user = User.objects.get(username=username)
    54                 if ldap.check_ldap_password(username, password):
    55                     return user
    56             except User.DoesNotExist:
    57                 # get the first name, last name, email from ldap
    58                 u = ldap.getUser(username)
    59                 # get user attributes here as well, like mail, fname, lname
    60                 user = User(username=username, password='getmefromldap')
    61                 user.email = mail
    62                 user.first_name = fname
    63                 user.last_name = lname
    64                 user.is_staff = False
    65                 user.is_superuser = False
    66                 user.save()
    67                 return user
    68         else:
    69             return None
    70 
    71     def get_user(self, user_id):
    72         try:
    73             return User.objects.get(pk=user_id)
    74         except User.DoesNotExist:
    75             return None
    76 }}}
    77 
    78 And it worked!  I was able to logon as a user who had no entry in Django, and then it added my entry and away I went.  Pretty nice stuff.
     11See #2507
Back to Top