ldapUtility.py 1.69 KiB
#!/usr/bin/env python
import ldap
from dm.common.exceptions.authenticationError import AuthenticationError
from dm.common.exceptions.communicationError import CommunicationError
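class LdapUtility:
    """Checks a username/password pair by attempting an LDAP simple bind.

    The bind DN is produced by substituting the username into ``dnFormat``
    (a ``%s``-style template such as ``uid=%s,dc=example,dc=org``).
    """

    def __init__(self, serverUrl, dnFormat, requireCert=False):
        """Stores the connection settings; no network traffic happens here.

        serverUrl   -- LDAP URL passed to ldap.initialize().
        dnFormat    -- '%s' template that turns a username into a bind DN.
        requireCert -- when True, the server certificate must validate
                       (OPT_X_TLS_DEMAND). The default of False keeps the
                       historical behaviour of skipping validation.
        """
        self.serverUrl = serverUrl
        self.dnFormat = dnFormat
        # NOTE(security): with requireCert=False the TLS session is not
        # authenticated, so the password sent by the simple bind can be
        # captured by anyone able to impersonate the server. Deployments
        # should pass requireCert=True once the CA chain is installed.
        self.requireCert = requireCert

    def checkCredentials(self, username, password):
        """Verifies credentials for username and password.

        Returns None when the bind succeeds.

        Raises AuthenticationError when the username or password is empty
        or the server rejects the bind, and CommunicationError when the
        server cannot be reached. Other ldap errors propagate unchanged.
        """
        # A simple bind with a DN and an empty password is an
        # "unauthenticated bind" (RFC 4513, section 5.1.2); servers that
        # allow it report success, which would let any account name pass
        # this check. Reject empty values before talking to the server.
        if not username or not password:
            raise AuthenticationError('Invalid LDAP credentials for user %s' % username)

        # Escape DN metacharacters so that a crafted username cannot change
        # the structure of the DN built from dnFormat.
        from ldap.dn import escape_dn_chars
        ldapUsername = self.dnFormat % escape_dn_chars(username)

        ldapClient = None
        try:
            # build client
            # ldap.set_option() is called on the module, not on the client,
            # so this certificate policy is not limited to this connection.
            if self.requireCert:
                certPolicy = ldap.OPT_X_TLS_DEMAND
            else:
                certPolicy = ldap.OPT_X_TLS_NEVER
            ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, certPolicy)
            ldapClient = ldap.initialize(self.serverUrl)
            ldapClient.set_option(ldap.OPT_REFERRALS, 0)
            ldapClient.set_option(ldap.OPT_PROTOCOL_VERSION, ldap.VERSION3)
            # perform a synchronous bind
            ldapClient.simple_bind_s(ldapUsername, password)
        except ldap.INVALID_CREDENTIALS:
            raise AuthenticationError('Invalid LDAP credentials for user %s' % username)
        except ldap.SERVER_DOWN:
            raise CommunicationError('Cannot reach LDAP server %s' % self.serverUrl)
        finally:
            # Release the connection on every path, including a successful
            # bind. Cleanup is best effort: a failure here must not replace
            # the exception that is already propagating.
            if ldapClient is not None:
                try:
                    ldapClient.unbind()
                except ldap.LDAPError:
                    pass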
#######################################################################
# Testing.
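if __name__ == '__main__':
    # Manual self-test against the site LDAP server.
    # The account name comes from the command line (falling back to the
    # current login name) and the password is prompted for without echo,
    # so no account name or password is stored in the source tree.
    import getpass
    import sys

    if len(sys.argv) > 1:
        testUsername = sys.argv[1]
    else:
        testUsername = getpass.getuser()
    testPassword = getpass.getpass('LDAP password for %s: ' % testUsername)

    ldapUtility = LdapUtility(serverUrl='ldaps://ldap.anl.gov:636', dnFormat='uid=%s,dc=anl,dc=gov')
    ldapUtility.checkCredentials(testUsername, testPassword)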