A LDAP Basic Auth authentication layer that validate the user/password against a LDAP server.
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
config
kinto_ldap
.coveragerc
.gitignore
.travis.yml
CHANGELOG.rst
CONTRIBUTORS.rst
LICENSE
MANIFEST.in
Makefile
README.rst
dev-requirements.txt
requirements.txt
setup.cfg
setup.py
tox.ini
try-ldap-connect.py

README.rst

kinto-ldap

travis Coverage

Validate Basic Auth provided user login and password with an LDAP server.

Dependencies

Before installing you will need the following system dependencies:

On Debian based systems:

sudo apt-get install libsasl2-dev python-dev libldap2-dev libssl-dev

On RPM based systems:

sudo yum install openldap-devel openssl-devel python-devel

Installation

Install the Python package:

pip install kinto-ldap

Include the package in the project configuration:

kinto.includes = kinto_ldap

And configure authentication policy using pyramid_multiauth formalism:

multiauth.policies = ldap

By default, it will rely on the cache configured in Kinto.

Configuration

multiauth.policy.ldap.use = kinto_ldap.authentication.LDAPBasicAuthAuthenticationPolicy

kinto.ldap.cache_ttl_seconds = 30
kinto.ldap.endpoint = ldap://ldap.prod.mozaws.net
# kinto.ldap.bind_dn = uid=read_user,ou=logins,dc=mozilla
# kinto.ldap.bind_password = user_password

If necessary, override default values for authentication policy:

# multiauth.policy.ldap.realm = Realm
# kinto.ldap.base_dn = dc=mozilla
# kinto.ldap.filters = (mail={mail})
# kinto.ldap.pool_size = 10
# kinto.ldap.pool_retry_max = 3
# kinto.ldap.pool_retry_delay = .1
# kinto.ldap.pool_timeout = 30