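def search_dn(self):
    """Searches for the user's Distinguished Name in the LDAP directory.

    Binds as the configured manager account when one is set, then runs a
    subtree search under the configured base DN for an entry whose
    ``uid_attr`` equals the supplied username.  The username goes through
    ``escape_filter_chars`` so filter metacharacters in it are matched
    literally instead of altering the structure of the search filter.

    The lookup fails closed: the DN returned here is presumably what the
    caller binds as to verify the password, so a search that does not
    identify exactly one entry is treated as "no such user" rather than
    silently taking the first hit.

    :returns: A tuple of (dn, canonical_username)
    :raises UserNotFound: if the search does not yield exactly one entry
        carrying a DN (no match, referral-only results, or several matches)
    """
    uid_attr = escape_filter_chars(_config.get('ldap', 'uid_attr'))
    encoding = _config.get('ldap', 'encoding')
    manager = _config.get('ldap', 'manager').encode(encoding)
    # raw=True: presumably keeps '%' in the password from being treated as
    # config interpolation syntax -- confirm against the _config type.
    manager_password = _config.get(
        'ldap', 'manager_password', raw=True).encode(encoding)
    if manager:
        # NOTE(review): a manager DN combined with an empty password is an
        # "unauthenticated bind" (RFC 4513, section 5.1.2); servers that
        # accept it give the session anonymous rights.  Confirm that the
        # deployment always sets manager_password when manager is set.
        _logger.debug("Attempting authenticated bind as manager to %s",
                      manager)
        self.ldap.simple_bind_s(manager, manager_password)
    filter_ = "(%s=%s)" % (uid_attr, escape_filter_chars(
        self.username.encode(encoding)))
    result = self.ldap.search_s(_config.get('ldap', 'basedn'),
                                ldap.SCOPE_SUBTREE, filter_)
    # Search references (continuation referrals) are returned without a DN.
    # Drop them wherever they appear so that a referral listed first does
    # not hide a real entry, and so that they are not counted as matches.
    entries = [entry for entry in (result or []) if entry and entry[0]]
    if len(entries) != 1:
        if entries:
            # Several entries share this uid under the base DN; picking
            # one arbitrarily could authenticate against the wrong account.
            _logger.warning(
                "LDAP filter %s matched %d entries; refusing to pick one",
                filter_, len(entries))
        raise UserNotFound(filter_)
    user_dn, attrs = entries[0]
    # LDAP attribute names are case-insensitive, and the server may return
    # the name in its schema casing rather than the casing used in the
    # config.  Match accordingly so the directory's canonical value is
    # used whenever it is present.
    uid = self.username
    wanted = uid_attr.lower()
    for attr_name, values in attrs.items():
        if attr_name.lower() == wanted:
            uid = values[0].decode(encoding)
            break
    return user_dn.decode(encoding), uid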