使用测试服务器故障配置django_python3_ldap

时间:2019-03-06 16:27:23

标签: django ldap

使用django_python3_ldap连接到该测试服务器时遇到问题:

https://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/

它无法识别任何用户的用户名或密码,并且想知道是否有人可以在我的实现中看到错误

AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend',
    'django_python3_ldap.auth.LDAPBackend',
]

LOGIN_URL = '/login'
LOGOUT_REDIRECT_URL = '/logout'


LDAP_AUTH_URL = "ldap://ldap.forumsys.com:389"

LDAP_AUTH_SEARCH_BASE = 'dc=example,dc=com'
LDAP_AUTH_USER_FIELDS = {
    "first_name": "givenName",
    "last_name": "sn",
    "email": "mail"}

LDAP_AUTH_USER_LOOKUP_FIELDS = ("user",)


LDAP_AUTH_CONNECTION_PASSWORD = "password"
LDAP_AUTH_USE_TLS = False

LDAP_AUTH_CLEAN_USER_DATA = "django_python3_ldap.utils.clean_user_data"
LDAP_AUTH_SYNC_USER_RELATIONS = "django_python3_ldap.utils.sync_user_relations"
LDAP_AUTH_FORMAT_SEARCH_FILTERS = "django_python3_ldap.utils.format_search_filters"
LDAP_AUTH_FORMAT_USERNAME = "django_python3_ldap.utils.format_username_openldap"
LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN = 'ldap.forumsys.com'

LOGGING = {
    "version": 1,
    "disable_existing_loggers": False,
    "handlers": {
        "console": {
            "class": "logging.StreamHandler",
        },
    },
    "loggers": {
        "django_python3_ldap": {
            "handlers": ["console"],
            "level": "INFO",
        },
    },
}
 INSTALLED_APPS = [
'django_python3_ldap',
'kpi.apps.KpiConfig',
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',

]

因此,此测试服务器没有连接用户名,但是看起来像是连接密码。我知道拥有日志记录信息会有所帮助,但是我不确定如何在下面的views.py函数中记录操作:

class LoginView(TemplateView):
    template_name = 'KPI/login.html'

    def post(self, request):
        email = password = ""
        state = ""

        if request.POST:
            email = request.POST.get('email')
            password = request.POST.get('password')

            print(email, password)

            user = authenticate(username=request.POST.get('email'), password=request.POST.get('password'))
            if user is not None:
                login(request, user)

                return redirect('/login/index')
            else:
                state = "Inactive account"
                # logging.StreamHandler
        return render(request, self.template_name, {'state': state, 'email': email})

在较早使用另一个ldap插件时,我可以通过在非活动帐户操作中使用logging.StreamHandler来获取日志记录信息,但这似乎不起作用。

1 个答案:

答案 0 :(得分:0)

这是我在Django2.2上的工作设置,您可以通过以下方式进行检查:

##############ACTIVE DIRECTORY INTEGRATION##############
AUTHENTICATION_BACKENDS = [
    'django_python3_ldap.auth.LDAPBackend',
]

# The URL of the LDAP server.
LDAP_AUTH_URL = "ldap://10.50.140.20:389"

# Initiate TLS on connection.
LDAP_AUTH_USE_TLS = False

# The LDAP search base for looking up users.
LDAP_AUTH_SEARCH_BASE = "CN=Users,DC=testdomain,DC=local"

# The LDAP class that represents a user.
LDAP_AUTH_OBJECT_CLASS = "user"

# User model fields mapped to the LDAP
# attributes that represent them.

LDAP_AUTH_USER_FIELDS = {
    "username": "sAMAccountName",
    "first_name": "givenName",
    "last_name": "sn",
    "email": "mail",
    "role": "title",
    "department_id": "departmentId",
    "subdivision_id": "subdivisionId",
}

# A tuple of django model fields used to uniquely identify a user.
LDAP_AUTH_USER_LOOKUP_FIELDS = ("username",)

# Path to a callable that takes a dict of {model_field_name: value},
# returning a dict of clean model data.
# Use this to customize how data loaded from LDAP is saved to the User model.
LDAP_AUTH_CLEAN_USER_DATA = "django_python3_ldap.utils.clean_user_data"

# Path to a callable that takes a user model and a dict of {ldap_field_name: [value]},
# and saves any additional user relationships based on the LDAP data.
# Use this to customize how data loaded from LDAP is saved to User model relations.
# For customizing non-related User model fields, use LDAP_AUTH_CLEAN_USER_DATA.
LDAP_AUTH_SYNC_USER_RELATIONS = "django_python3_ldap.utils.sync_user_relations"

# Path to a callable that takes a dict of {ldap_field_name: value},
# returning a list of [ldap_search_filter]. The search filters will then be AND'd
# together when creating the final search filter.
LDAP_AUTH_FORMAT_SEARCH_FILTERS = "django_python3_ldap.utils.format_search_filters"

# Path to a callable that takes a dict of {model_field_name: value}, and returns
# a string of the username to bind to the LDAP server.
# Use this to support different types of LDAP server.
LDAP_AUTH_FORMAT_USERNAME = "django_python3_ldap.utils.format_username_active_directory"

# Sets the login domain for Active Directory users.
LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN = 'testdomain'

# The LDAP username and password of a user for querying the LDAP database for user
# details. If None, then the authenticated user will be used for querying, and
# the `ldap_sync_users` command will perform an anonymous query.

LDAP_AUTH_CONNECTION_USERNAME = 'adintegrationuser'
LDAP_AUTH_CONNECTION_PASSWORD = 'Pass1234'

# Set connection/receive timeouts (in seconds) on the underlying `ldap3` library.
LDAP_AUTH_CONNECT_TIMEOUT = None
LDAP_AUTH_RECEIVE_TIMEOUT = None


##########FOR LOGGING##############
LOGGING = {
    "version": 1,
    "disable_existing_loggers": False,
    "handlers": {
        "console": {
            "class": "logging.StreamHandler",
        },
    },
    "loggers": {
        "django_python3_ldap": {
            "handlers": ["console"],
            "level": "INFO",
        },
    },
}

这是视图部分:

def loginuser(request):
    if request.method == 'POST':
        user_name = request.POST['username']
        pass_word = request.POST['password']
        userobj = authenticate(request, username = user_name, password=pass_word)
        if userobj is not None:
            login(request, userobj)
            messages.success(request, 'You are Logged in !')
            return redirect('crmapp')                       
        else:
            messages.success(request, 'Wrong credentials', extra_tags='red')
            return redirect('loginuser')
    else:

        if request.user.is_authenticated:
            return redirect('crmapp')
        else:
            form = LoginForm()
            context = {'form': form}
            return render(request, 'loginuser.html', context)