gws.plugin.auth_provider.ldap

LDAP authorization provider.

Source code: gws.plugin.auth_provider.ldap

Package Contents

class gws.plugin.auth_provider.ldap.UserSpec(*args, **kwargs)

Bases: gws.Data

Map LDAP filters to authorization roles

roles: list[str]

GWS role names

matches: str | None

LDAP filter the account has to match

memberOf: str | None

LDAP group the account has to be a member of

class gws.plugin.auth_provider.ldap.Config(*args, **kwargs)

Bases: gws.base.auth.provider.Config

LDAP authorization provider

activeDirectory: bool = True

true if the LDAP server is ActiveDirectory

bindDN: str | None

bind DN

bindPassword: str | None

bind password

displayNameFormat: gws.FormatStr | None

format for user’s display name

users: list[UserSpec]

map LDAP filters to gws roles

timeout: gws.Duration = 30

LDAP server timeout

url: str

//host:port/baseDN?searchAttribute”

Type:

LDAP server url like “ldap

class gws.plugin.auth_provider.ldap.Object

Bases: gws.base.auth.provider.Object

Authentication Provider.

serverUrl: str

baseDN: str

loginAttribute: str

timeout: int

configure()

Configuration hook.

authenticate(method, credentials)

Authenticate a user.

Parameters:

• method – Authentication method.

• credentials – Credentials object.

Returns:

An authenticated User or None if authentication failed.

get_user(local_uid)

Get a User from its local uid.

Parameters:

local_uid – User local uid.

Returns:

A User or None.