0

我正在使用具有以下设置的 django-auth-ldap,因为 ldap 服务器上没有默认/全局“管理员”用户,它仅用于验证用户,用户自己可能会看到他们的用户信息。

AUTH_LDAP_BIND_AS_AUTHENTICATING_USER=True

django-ldap-debug.log我(作为登录用户)在视图中调用时出现以下错误LDAPBackend().populate_user(request.user.username)

search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') raised NO_SUCH_OBJECT({'desc': 'No such object'},)
search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') returned 0 objects:

只有在登录时(使用login_requiredfrom django.contrib.auth.decorators)它才会返回一个用户对象:

search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') returned 1 objects: uid=vchrizz,ou=users,dc=funkfeuer,dc=at

然后我注意到,我需要设置

AUTH_LDAP_BIND_DN
AUTH_LDAP_BIND_PASSWORD

摆脱错误,但首先我不想指定一个带密码的用户(原因bind_as_authenticating_user),第二个 populate_user() 仍然返回NoneType......

为什么?如何从 ldap 获取返回的用户信息?

我的目标是在我的自定义 /userinfo/ 视图中显示来自 ldap-user 的所有 ldap 用户信息,例如 uidNumber。 http://pastebin.com/VqGiwzFE

谢谢,克里斯

4

1 回答 1

3

最后auth.authenticate失踪了,我不得不rtfm:

存储有关用户的其他信息, 这是获取用户信息的首选方式,而不是我正在寻找的方式。

设置.py:

AUTH_LDAP_PROFILE_ATTR_MAP = {
    "uid": "uid",
    "cn": "cn",
    "sn": "sn",
    "givenName": "givenName",
    "userPassword": "userPassword",
    "shadowLastChange": "shadowLastChange",
    "shadowMax": "shadowMax",
    "shadowWarning": "shadowWarning",
    "loginShell": "loginShell",
    "uidNumber": "uidNumber",
    "gidNumber": "gidNumber",
    "homeDirectory": "homeDirectory",
    "gecos": "gecos",
    "mail": "mail",
    "l": "l",
    "telephoneNumber": "telephoneNumber",
}
AUTH_PROFILE_MODULE = 'myapp.UserProfile'

模型.py:

from django.db import models
from django.contrib.auth.models import User
from django.db.models.signals import post_save

class UserProfile(models.Model):
    # This field is required.
    user = models.OneToOneField(User)
    # Other fields here
    uid = models.CharField(max_length=254)
    cn = models.CharField(max_length=254)
    sn = models.CharField(max_length=254)
    givenName = models.CharField(max_length=254)
    userPassword = models.CharField(max_length=254)
    shadowLastChange = models.IntegerField(null=True)
    shadowMax = models.IntegerField(null=True)
    shadowWarning = models.IntegerField(null=True)
    loginShell = models.CharField(max_length=254)
    uidNumber = models.IntegerField(null=True)
    gidNumber = models.IntegerField(null=True)
    homeDirectory = models.CharField(max_length=254)
    gecos = models.CharField(max_length=254)
    mail = models.EmailField(max_length=254)
    l = models.CharField(max_length=254)
    telephoneNumber = models.CharField(max_length=254)

def create_user_profile(sender, instance, created, **kwargs):
    #if created:
    #    UserProfile.objects.create(user=instance)
    UserProfile.objects.get_or_create(user=instance)

post_save.connect(create_user_profile, sender=User)

视图.py:

from django.contrib.auth.decorators import login_required
from django.http import HttpResponseRedirect
from django.shortcuts import render
from myapp.models import UserProfile

@login_required
def userinfo(request):
    try:
        ldapuserprofile = UserProfile.objects.get(uid=request.user.username)
    except UserProfile.DoesNotExist:
        return HttpResponseRedirect('/login/')
    context = {'request': request, 'ldapuser': ldapuserprofile,}
    return render(request, 'myapp/userinfo.html', context)

然后在 html 模板中可以访问{{ ldapuser.givenName }}

也许它可以帮助某人。

谢谢,克里斯

于 2014-08-10T14:24:43.613 回答