I'm using django-auth-ldap with following setting because there is no default/global 'admin' user on the ldap server, its only for authenticating users and users themselves may see their user information.
AUTH_LDAP_BIND_AS_AUTHENTICATING_USER=True
in django-ldap-debug.log i get following error when (as logged in user) calling in view LDAPBackend().populate_user(request.user.username)
search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') raised NO_SUCH_OBJECT({'desc': 'No such object'},)
search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') returned 0 objects:
only when logging in (using login_required from django.contrib.auth.decorators) it returns a user object it seems:
search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') returned 1 objects: uid=vchrizz,ou=users,dc=funkfeuer,dc=at
then i noticed, i need to set
AUTH_LDAP_BIND_DN
AUTH_LDAP_BIND_PASSWORD
to get rid of the error, but first i dont want to specify a user with password (cause bind_as_authenticating_user) and second populate_user() still returns NoneType ...
why? how do i get the returned user information from ldap?
my goal is to display all ldap user information like uidNumber from the ldap-user in my custom /userinfo/ view. http://pastebin.com/VqGiwzFE
thanks, chris
in the end auth.authenticate was missing and i had to rtfm:
Storing additional information about users this is the preferred way to get user information instead the way i was looking for.
settings.py:
AUTH_LDAP_PROFILE_ATTR_MAP = {
"uid": "uid",
"cn": "cn",
"sn": "sn",
"givenName": "givenName",
"userPassword": "userPassword",
"shadowLastChange": "shadowLastChange",
"shadowMax": "shadowMax",
"shadowWarning": "shadowWarning",
"loginShell": "loginShell",
"uidNumber": "uidNumber",
"gidNumber": "gidNumber",
"homeDirectory": "homeDirectory",
"gecos": "gecos",
"mail": "mail",
"l": "l",
"telephoneNumber": "telephoneNumber",
}
AUTH_PROFILE_MODULE = 'myapp.UserProfile'
models.py:
from django.db import models
from django.contrib.auth.models import User
from django.db.models.signals import post_save
class UserProfile(models.Model):
# This field is required.
user = models.OneToOneField(User)
# Other fields here
uid = models.CharField(max_length=254)
cn = models.CharField(max_length=254)
sn = models.CharField(max_length=254)
givenName = models.CharField(max_length=254)
userPassword = models.CharField(max_length=254)
shadowLastChange = models.IntegerField(null=True)
shadowMax = models.IntegerField(null=True)
shadowWarning = models.IntegerField(null=True)
loginShell = models.CharField(max_length=254)
uidNumber = models.IntegerField(null=True)
gidNumber = models.IntegerField(null=True)
homeDirectory = models.CharField(max_length=254)
gecos = models.CharField(max_length=254)
mail = models.EmailField(max_length=254)
l = models.CharField(max_length=254)
telephoneNumber = models.CharField(max_length=254)
def create_user_profile(sender, instance, created, **kwargs):
#if created:
# UserProfile.objects.create(user=instance)
UserProfile.objects.get_or_create(user=instance)
post_save.connect(create_user_profile, sender=User)
views.py:
from django.contrib.auth.decorators import login_required
from django.http import HttpResponseRedirect
from django.shortcuts import render
from myapp.models import UserProfile
@login_required
def userinfo(request):
try:
ldapuserprofile = UserProfile.objects.get(uid=request.user.username)
except UserProfile.DoesNotExist:
return HttpResponseRedirect('/login/')
context = {'request': request, 'ldapuser': ldapuserprofile,}
return render(request, 'myapp/userinfo.html', context)
then in html template its possible to access {{ ldapuser.givenName }}
maybe it helps someone.
thanks, chris