"""Settings for LDAP login for Askbot"""
from askbot.conf.settings_wrapper import settings
from askbot.conf.super_groups import EXTERNAL_SERVICES
from askbot.deps import livesettings
from django.utils.translation import ugettext_lazy as _

# Configuration group that every LDAP login option in this module is
# registered under; the group itself is filed in the EXTERNAL_SERVICES
# super group.
LDAP_SETTINGS = livesettings.ConfigurationGroup(
    'LDAP_SETTINGS',
    _('LDAP login configuration'),
    super_group=EXTERNAL_SERVICES,
)

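# Boolean switch described as "Use LDAP authentication for the password
# login". The keyword must be spelled ``default``: with any other spelling
# the explicit ``False`` is not passed as the setting's default at all.
# An authentication switch should state its off-by-default value explicitly
# rather than rely on whatever the settings library falls back to.
settings.register(
    livesettings.BooleanValue(
        LDAP_SETTINGS,
        'USE_LDAP_FOR_PASSWORD_LOGIN',
        description=_('Use LDAP authentication for the password login'),
        default=False
    )
)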

# Opt-in account auto-creation. It is off by default, and the help text
# tells the administrator why: a login name that doubles as an email
# address or real name can end up exposed.
settings.register(
    livesettings.BooleanValue(
        LDAP_SETTINGS,
        'LDAP_AUTOCREATE_USERS',
        default=False,
        description=_('Automatically create user accounts when possible'),
        help_text=_(
            'Potentially reduces number of steps in the registration process '
            'but can expose personal information, e.g. when LDAP login name is '
            'the same as email address or real name.'
        ),
    )
)

# (stored value, label) pairs offered for the protocol version setting.
# Version 2 stays selectable, but its label marks it as insecure and
# deprecated.
LDAP_PROTOCOL_VERSION_CHOICES = (
    ('3', _('Version 3')),
    ('2', _('Version 2 (insecure and deprecated)!!!')),
)

# Protocol version setting; the default is '3', so version 2 is only used
# when an administrator selects it explicitly.
settings.register(
    livesettings.StringValue(
        LDAP_SETTINGS,
        'LDAP_PROTOCOL_VERSION',
        description=_('LDAP protocol version'),
        choices=LDAP_PROTOCOL_VERSION_CHOICES,
        default='3',
        help_text=_(
            'Note that Version 2 protocol is not secure!!! '
            'Do not use it on unprotected network.'
        ),
    )
)

# URL of the directory server; the default is a placeholder to be replaced.
# NOTE(review): the placeholder uses the plain ``ldap://`` scheme, which has
# no transport encryption of its own. Whether the login backend negotiates
# StartTLS or accepts an ``ldaps://`` URL is not visible in this module;
# confirm that before password logins are sent over an untrusted network.
settings.register(
    livesettings.StringValue(
        LDAP_SETTINGS,
        'LDAP_URL',
        default="ldap://<host>:<port>",
        description=_('LDAP URL'),
    )
)

# Character encoding setting for LDAP; the default is 'utf-8' and the help
# text marks the field as required.
settings.register(
    livesettings.StringValue(
        LDAP_SETTINGS,
        'LDAP_ENCODING',
        default='utf-8',
        description=_('LDAP encoding'),
        help_text=_(
            'This value in almost all cases is "utf-8". '
            'Change it if yours is different. '
            'This field is required'
        ),
    )
)

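# Base DN setting; the default is empty, so it has to be filled in per site.
# The help text example uses "dc=" (domain component) RDNs, which is how a
# DNS domain is mapped into a DN. The earlier "dn=example,dn=com" example
# was not a valid mapping. A space is also restored between the second and
# third sentences, which previously ran together.
settings.register(
    livesettings.StringValue(
        LDAP_SETTINGS,
        'LDAP_BASE_DN',
        description=_('Base DN (distinguished name)'),
        default='',
        help_text=_(
            'Usually base DN mirrors domain name of your organization, '
            'e.g. "dc=example,dc=com" when your site url is "example.com". '
            'This value is the "root" address of your LDAP directory.'
        )
    )
)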

# %-style template for the user search filter. Per the help text, the first
# placeholder receives the user id field name and the second the user id
# value.
# NOTE(review): the code that fills this template is not part of this
# module. Confirm that it escapes LDAP filter metacharacters in the user id
# value (python-ldap provides ldap.filter.escape_filter_chars) before the
# value is substituted into the filter.
settings.register(
    livesettings.StringValue(
        LDAP_SETTINGS,
        'LDAP_USER_FILTER_TEMPLATE',
        default='(%s=%s)',
        description=_('User search filter template'),
        help_text=_(
            'Python string format template, must have two string placeholders, '
            'which should be left in the intact format. '
            'First placeholder will be used for the user id field name, '
            'and the second - for the user id value. '
            'The template can be extended to match schema of your '
            'LDAP directory.'
        ),
    )
)

# Name of the directory attribute holding the login/user id; the default is
# 'uid', and the help text suggests "sAMAccountName" for Active Directory.
settings.register(
    livesettings.StringValue(
        LDAP_SETTINGS,
        'LDAP_LOGIN_NAME_FIELD',
        default='uid',
        description=_('UserID/login field'),
        help_text=_(
            'This field is required. '
            'For Microsoft Active Directory this value usually '
            'is "sAMAccountName".'
        ),
    )
)

# Name of the "Common Name" attribute (default 'cn'). The help text
# positions it as a fallback for when surname and given name are not
# available.
settings.register(
    livesettings.StringValue(
        LDAP_SETTINGS,
        'LDAP_COMMON_NAME_FIELD',
        default='cn',
        description=_('"Common Name" field'),
        help_text=_(
            'Common name is a formal or informal name '
            'of a person, can be blank. '
            'Use it only if surname and given names are not '
            'available.'
        ),
    )
)

# (stored value, label) pairs describing the order of the name parts
# inside the "Common Name" value.
COMMON_NAME_FIELD_FORMAT_CHOICES = (
    ('first,last', _('First name, Last name')),
    ('last,first', _('Last name, First name')),
)

# Format selector for the "Common Name" field, defaulting to 'first,last'.
settings.register(
    livesettings.StringValue(
        LDAP_SETTINGS,
        'LDAP_COMMON_NAME_FIELD_FORMAT',
        choices=COMMON_NAME_FIELD_FORMAT_CHOICES,
        default='first,last',
        description=_('"Common Name" field format'),
        help_text=_('Use this only if "Common Name" field is used.'),
    )
)

# Name of the attribute holding the given (first) name; the default is
# 'givenName' and the help text allows it to be blank.
settings.register(
    livesettings.StringValue(
        LDAP_SETTINGS,
        'LDAP_GIVEN_NAME_FIELD',
        default='givenName',
        description=_('Given (First) name'),
        help_text=_('This field can be blank'),
    )
)

# Name of the attribute holding the surname; the default is 'sn' and the
# help text allows it to be blank.
settings.register(
    livesettings.StringValue(
        LDAP_SETTINGS,
        'LDAP_SURNAME_FIELD',
        default='sn',
        description=_('Surname (last) name'),
        help_text=_('This field can be blank'),
    )
)

# Name of the attribute holding the email address; the default is 'mail'
# and the help text marks the field as required.
settings.register(
    livesettings.StringValue(
        LDAP_SETTINGS,
        'LDAP_EMAIL_FIELD',
        default='mail',
        description=_('LDAP Server EMAIL field name'),
        help_text=_('This field is required'),
    )
)

# The proxy DN settings below may be necessary, but they are not handled properly yet.
# --> Kept commented out until backends.ldap_authenticate() handles them properly.
#settings.register(
#    livesettings.StringValue(
#        LDAP_SETTINGS,
#        'LDAP_PROXYDN',
#        description=_('LDAP PROXY DN'),
#        default=""
#    )
#)
#
#settings.register(
#    livesettings.StringValue(
#        LDAP_SETTINGS,
#        'LDAP_PROXYDN_PASSWORD',
#        description=_('LDAP PROXY DN Password'),
#        default="",
#    )
#)