I'm using the django-auth-ldap for the authentication.
I'm having the following error:
Caught LDAPError while authenticating xxx: SERVER_DOWN({'info': '(unknown error code)', 'desc': "Can't contact LDAP server"},)
Using:
AUTH_LDAP_CONNECTION_OPTIONS = { ldap.OPT_X_TLS_REQUIRE_CERT : ldap.OPT_X_TLS_NEVER }
in setting.py should solve the problem, but it doesn't.
I played around and it looks like this option must be set before the connection is created. The django_auth_ldap/backend.py sets the options after the connections is set:
self._connection = self.ldap.initialize(self.settings.SERVER_URI)
for opt, value in self.settings.CONNECTION_OPTIONS.iteritems():
self._connection.set_option(opt, value)
Using the django shell I only succeed if the ldap.OPT_X_TLS_REQUIRE_CERT is set in advance:
from django_auth_ldap.backend import LDAPBackend
ldapobj = LDAPBackend()
user = ldapobj.populate_user(username)
# ERROR:
# [12/Jun/2015 14:15:19] WARNING [django_auth_ldap:396] Caught LDAPError while authenticating xxx: SERVER_DOWN({'info': '(unknown error code)', 'desc': "Can't contact LDAP server"},)
if user is None:
print "1st try failed!"
ldapobj.ldap.set_option(ldapobj.ldap.OPT_X_TLS_REQUIRE_CERT, ldapobj.ldap.OPT_X_TLS_NEVER)
user = ldapobj.populate_user(username)
print user.is_anonymous()
Output:
# 1st try failed!
# False
Any idea what I have to do (without modifying the django-auth-ldap code)?
Sounds like you want AUTH_LDAP_GLOBAL_OPTIONS.