65 'default': 'ldap', |
65 'default': 'ldap', |
66 'choices': ('ldap', 'ldaps', 'ldapi'), |
66 'choices': ('ldap', 'ldaps', 'ldapi'), |
67 'help': 'ldap protocol (allowed values: ldap, ldaps, ldapi)', |
67 'help': 'ldap protocol (allowed values: ldap, ldaps, ldapi)', |
68 'group': 'ldap-source', 'level': 1, |
68 'group': 'ldap-source', 'level': 1, |
69 }), |
69 }), |
70 |
|
71 ('auth-mode', |
70 ('auth-mode', |
72 {'type' : 'choice', |
71 {'type' : 'choice', |
73 'default': 'simple', |
72 'default': 'simple', |
74 'choices': ('simple', 'cram_md5', 'digest_md5', 'gssapi'), |
73 'choices': ('simple', 'cram_md5', 'digest_md5', 'gssapi'), |
75 'help': 'authentication mode used to authenticate user to the ldap.', |
74 'help': 'authentication mode used to authenticate user to the ldap.', |
420 hostport = '%s:%s' % (self.host, PROTO_PORT[self.protocol]) |
419 hostport = '%s:%s' % (self.host, PROTO_PORT[self.protocol]) |
421 else: |
420 else: |
422 hostport = self.host |
421 hostport = self.host |
423 self.info('connecting %s://%s as %s', self.protocol, hostport, |
422 self.info('connecting %s://%s as %s', self.protocol, hostport, |
424 user and user['dn'] or 'anonymous') |
423 user and user['dn'] or 'anonymous') |
|
424 # don't require server certificate when using ldaps (will |
|
425 # enable self signed certs) |
|
426 ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) |
425 url = LDAPUrl(urlscheme=self.protocol, hostport=hostport) |
427 url = LDAPUrl(urlscheme=self.protocol, hostport=hostport) |
426 conn = ReconnectLDAPObject(url.initializeUrl()) |
428 conn = ReconnectLDAPObject(url.initializeUrl()) |
427 # Set the protocol version - version 3 is preferred |
429 # Set the protocol version - version 3 is preferred |
428 try: |
430 try: |
429 conn.set_option(ldap.OPT_PROTOCOL_VERSION, ldap.VERSION3) |
431 conn.set_option(ldap.OPT_PROTOCOL_VERSION, ldap.VERSION3) |
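Review bot: The added `ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)` (new line 426) switches off server-certificate verification unconditionally, and since it is called on the `ldap` module rather than on `conn` it appears to apply to every LDAP connection in the process, not only this source. With the check off, `ldaps` still encrypts but no longer authenticates the server, so with the default `simple` auth-mode the bind DN and password go to whichever host answers. I would keep verification as the default and make the relaxation opt-in through a source option (a name such as `verify-cert` is only a suggestion), and for self-signed deployments prefer trusting the site CA via `ldap.OPT_X_TLS_CACERTFILE` over `OPT_X_TLS_NEVER`. If the line stays, the comment should state the consequence, e.g. `# WARNING: disables TLS server certificate verification for the whole process`. The enclosing method begins and ends outside the visible lines.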