Please take our Survey
logo       
<prev   next>

Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...

Re: auth from ldap: msg#00038

bug-tracking.roundup.user

Subject: Re: auth from ldap

On Tuesday 24 June 2003 07:45 am, Farkas Levente wrote:
> is there any way not to register each user regualry but auth from ldap.
> my biggest need for a ticketing system where each user authenticate
> itself from a list of any other way without have to choose an own
> username. I'd like if all of our user would have one login name for all
> kind of system. otherwise each user choose a different username
> everywhere and login names goes to a big chaos.

I have successfully set up a system where the user database in Roundup was
slaved off an external database (in my case it was a UN*X passwd file). This
is about the most sane approach to take IMO because any attempt to replace
the regular user storage mechanism in Roundup would be painful in the extreme
(you would have to guarantee that users are never removed from the LDAP
store).

A script that reads users from an LDAP store using http://python-ldap.sf.net/
and then compares the list to the users in the roundup user database would be
pretty easy to write. You'd then have it run once an hour / day (or on demand
if you can work that into your LDAP store workflow).

To authenticate off the LDAP store (rather than using the passwords in the
roundup user database) you'd use the same python-ldap module inside an
extension to the cgi interface. You'd do this by adding a method called
"verifyPassword" to the Client class in your tracker's interfaces.py module.
The method is implemented by default as:

def verifyPassword(self, userid, password):
''' Verify the password that the user has supplied
'''
stored = self.db.user.get(self.userid, 'password')
if password == stored:
return 1
if not password and not stored:
return 1
return 0

So you could reimplement this as something like:

def verifyPassword(self, userid, password):
''' Verify the password that the user has supplied
'''
# look up some unique LDAP information about the user
username = self.db.user.get(self.userid, 'username')
# now verify the password supplied against the LDAP store

Please let me know how you go...


Richard

Attachment: pgpN3pT3MMiFA.pgp
Description: signature
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  auth from ldap, Farkas Levente
Next by Date:  Manhood Growth Solution - Herbal Pills uxtto, Make Life Better
Previous by Thread:  auth from ldap, Farkas Levente
Next by Thread:  Manhood Growth Solution - Herbal Pills uxtto, Make Life Better
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
Recently Viewed:
drivers.mtd/200...    security.firewa...    java.openamf.cv...    rpm.yum/2003-08...    telephony.sipp....    file-systems.oc...    qnx.openqnx.dev...    voip.linphone.u...    hardware.sony/2...    network.simulat...    boot-loaders.gr...    ietf.usenet.for...    culture.languag...    emacs.latex.pre...    music.jamiroqua...    xfree86.neomagi...    user-groups.lin...    ltp/2006-08/msg...    kde.kst/2005-08...    programming.too...    os.freebsd.deve...    window-managers...    audio.cd-record...    gnu.fiasco.bugs...   
Home | advertise | OSDir is an inevitable website. super tiny logo

Free Magazines

Cisco News
Receive a free quarterly e-newsletter with exclusive articles on how Cisco IT uses its own products and solutions to enable the business.
subscribe

Systems Management News, the newspaper for IT systems administration and data center managers! Each issue of Systems Management News is chock-full of news and analysis to help you understand what's happening in your field.
subscribe

The Enterprise Newsweekly eWeek is the essential technology information source for builders of e-business.
subscribe

Oracle Magazine Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest enterprise software company.
subscribe

Total Telecom Total Telecom is "The Economist of the communications industry".
subscribe

Navigation