A git clone of https://bitbucket.org/psagers/django-auth-ldap/wiki/Home, with many changes as our team sees fit.
Python Makefile
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
django_auth_ldap
docs
test
.hgignore
CHANGES
LICENSE
MANIFEST.in
Makefile
README
setup.py
tox.ini

README

**This is a fork that implements many changes intented for our projects specific use case. It is
not intended for use with other projects, and it is not a drop-in replacement. You should look to
the source project for using ldap in your project.**

This is a Django authentication backend that authenticates against an LDAP
service. Configuration can be as simple as a single distinguished name template,
but there are many rich configuration options for working with users, groups,
and permissions.

This version is supported on Python 2.6, 2.7, 3.3, and 3.4; and Django >= 1.3.
Under Python 2, it requires `python-ldap
<https://pypi.python.org/pypi/python-ldap>`_ >= 2.0; under Python 3, it uses
`pyldap <https://pypi.python.org/pypi/pyldap>`_.

Full documentation can be found at
http://pythonhosted.org/django-auth-ldap/; following is an example
configuration, just to whet your appetite::

    import ldap
    from django_auth_ldap.config import LDAPSearch, GroupOfNamesType


    AUTH_LDAP ={
        'SERVER_URI': "ldap://ldap.example.com",

        'BIND_DN': "cn=django-agent,dc=example,dc=com",
        'BIND_PASSWORD': "phlebotinum",
        'USER_SEARCH': LDAPSearch("ou=users,dc=example,dc=com",
            ldap.SCOPE_SUBTREE, "(uid=%(user)s)"),
        # or perhaps:
        # 'USER_DN_TEMPLATE': "uid=%(user)s,ou=users,dc=example,dc=com",

        # Set up the basic group parameters.
        'GROUP_SEARCH': LDAPSearch("ou=django,ou=groups,dc=example,dc=com",
            ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
        ),
        'GROUP_TYPE': GroupOfNamesType(name_attr="cn"),

        # Simple group restrictions
        'REQUIRE_GROUP': "cn=enabled,ou=django,ou=groups,dc=example,dc=com",
        'DENY_GROUP': "cn=disabled,ou=django,ou=groups,dc=example,dc=com",

        # Populate the Django user from the LDAP directory.
        'USER_ATTR_MAP': {
            "first_name": "givenName",
            "last_name": "sn",
            "email": "mail"
        },

        'PROFILE_ATTR_MAP': {
            "employee_number": "employeeNumber"
        },

        'USER_FLAGS_BY_GROUP': {
            "is_active": "cn=active,ou=django,ou=groups,dc=example,dc=com",
            "is_staff": "cn=staff,ou=django,ou=groups,dc=example,dc=com",
            "is_superuser": "cn=superuser,ou=django,ou=groups,dc=example,dc=com"
        },

        'PROFILE_FLAGS_BY_GROUP': {
            "is_awesome": "cn=awesome,ou=django,ou=groups,dc=example,dc=com",
        },

        # This is the default, but I like to be explicit.
        'ALWAYS_UPDATE_USER': True,

        # Use LDAP group membership to calculate group permissions.
        'FIND_GROUP_PERMS': True,

        # Cache group memberships for an hour to minimize LDAP traffic
        'CACHE_GROUPS': True,
        'GROUP_CACHE_TIMEOUT': 3600,
    }


    # Keep ModelBackend around for per-user permissions and maybe a local
    # superuser.
    AUTHENTICATION_BACKENDS = (
        'django_auth_ldap.backend.LDAPBackend',
        'django.contrib.auth.backends.ModelBackend',
    )