import os
from django.utils.translation import ugettext_lazy as _
+from django.core.urlresolvers import reverse_lazy
import ldap, logging
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
USE_L10N = True
AUTHENTICATION_BACKENDS = (
-# Activate Auth LDAP :
-# "organization.core.backend.OrganizationLDAPBackend",
+ "organization.core.backend.OrganizationLDAPBackend",
"mezzanine.core.auth_backends.MezzanineBackend",
"guardian.backends.ObjectPermissionBackend",
)
# 1 - Activate logging :
# logging
-# if DEBUG:
-# logger = logging.getLogger('django_auth_ldap')
-# logger.addHandler(logging.StreamHandler())
-# logger.setLevel(logging.DEBUG)
+if DEBUG:
+ logger = logging.getLogger('django_auth_ldap')
+ logger.addHandler(logging.StreamHandler())
+ logger.setLevel(logging.DEBUG)
# 2 - Specify your LDAP settings :
-# https://django-auth-ldap.readthedocs.io/en/latest/
+AUTH_LDAP_SERVER_URI = "ldap://clusterldap1.ircam.fr"
+AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=People,dc=ircam,dc=fr", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
+
+# Set up the basic group parameters.
+AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=People,dc=ircam,dc=fr",
+ ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
+)
+AUTH_LDAP_GROUP_TYPE = GroupOfNamesType(name_attr="cn")
+
+# Populate the Django user from the LDAP directory.
+AUTH_LDAP_USER_ATTR_MAP = {
+ "first_name": "givenName",
+ "last_name": "sn",
+ "email": "mail"
+}
+
+# This is the default, but I like to be explicit.
+AUTH_LDAP_ALWAYS_UPDATE_USER = True
+
+# Use LDAP group membership to calculate group permissions.
+AUTH_LDAP_FIND_GROUP_PERMS = True
-# 3 - Activate LDAP Backend
-# Please see AUTHENTICATION_BACKENDS
+# Cache group memberships for an hour to minimize LDAP traffic
+AUTH_LDAP_CACHE_GROUPS = True
+AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
##################
# LOCAL SETTINGS #
projects / mezzo.git / commitdiff