- Timestamp:
- 04/21/11 14:19:20 (13 years ago)
- Location:
- trunk/sara_cmt/sara_cmt
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/sara_cmt/sara_cmt/cluster/models.py
r12903 r12909 17 17 from django_extensions.db.fields import CreationDateTimeField, \ 18 18 ModificationDateTimeField 19 from sara_cmt import settings20 19 21 20 -
trunk/sara_cmt/sara_cmt/settings.py
r12812 r12909 9 9 SARACMT_BASE = os.path.normpath(os.path.dirname(__file__)) 10 10 PROJECT_BASE = os.path.normpath(os.path.join(SARACMT_BASE, os.path.pardir)) 11 CLIENT_ONLY = True 11 12 12 13 DEBUG = True … … 36 37 # <AUTH AGAINST LDAP> (based on http://packages.python.org/django-auth-ldap/) 37 38 # 38 import ldap 39 from django_auth_ldap.config import LDAPSearch, PosixGroupType 39 if not CLIENT_ONLY: 40 import ldap 41 from django_auth_ldap.config import LDAPSearch, PosixGroupType 40 42 41 43 42 # Baseline configuration.43 AUTH_LDAP_SERVER_URI = "ldaps://ldap.cua.sara.nl"44 # Baseline configuration. 45 AUTH_LDAP_SERVER_URI = "ldaps://ldap.cua.sara.nl" 44 46 45 # Set AUTH_LDAP_USER_DN_TEMPLATE to a template that will produce the46 # authenticating user's DN directly. This template should have one47 # placeholder, %(user)s.48 AUTH_LDAP_USER_DN_TEMPLATE = 'uid=%(user)s,ou=Users,dc=hpcv,dc=sara,dc=nl'47 # Set AUTH_LDAP_USER_DN_TEMPLATE to a template that will produce the 48 # authenticating user's DN directly. This template should have one 49 # placeholder, %(user)s. 50 AUTH_LDAP_USER_DN_TEMPLATE = 'uid=%(user)s,ou=Users,dc=hpcv,dc=sara,dc=nl' 49 51 50 # Set up the basic group parameters.51 AUTH_LDAP_GROUP_SEARCH = LDAPSearch('ou=Groups,dc=hpcv,dc=sara,dc=nl',52 ldap.SCOPE_SUBTREE, '(objectClass=posixGroup)',53 )54 AUTH_LDAP_GROUP_TYPE = PosixGroupType()52 # Set up the basic group parameters. 53 AUTH_LDAP_GROUP_SEARCH = LDAPSearch('ou=Groups,dc=hpcv,dc=sara,dc=nl', 54 ldap.SCOPE_SUBTREE, '(objectClass=posixGroup)', 55 ) 56 AUTH_LDAP_GROUP_TYPE = PosixGroupType() 55 57 56 ## Only users in this group can log in.57 AUTH_LDAP_REQUIRE_GROUP = 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl'58 ## Only users in this group can log in. 59 AUTH_LDAP_REQUIRE_GROUP = 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl' 58 60 59 # Populate the Django user from the LDAP directory.60 AUTH_LDAP_USER_ATTR_MAP = {61 'first_name': 'givenName',62 'last_name': 'sn',63 'email': 'mail',64 }61 # Populate the Django user from the LDAP directory. 62 AUTH_LDAP_USER_ATTR_MAP = { 63 'first_name': 'givenName', 64 'last_name': 'sn', 65 'email': 'mail', 66 } 65 67 66 AUTH_LDAP_USER_FLAGS_BY_GROUP = {67 'is_active': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl',68 'is_staff': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl',69 'is_superuser': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl',70 }68 AUTH_LDAP_USER_FLAGS_BY_GROUP = { 69 'is_active': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl', 70 'is_staff': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl', 71 'is_superuser': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl', 72 } 71 73 72 # This is the default, but I like to be explicit.73 AUTH_LDAP_ALWAYS_UPDATE_USER = True74 # This is the default, but I like to be explicit. 75 AUTH_LDAP_ALWAYS_UPDATE_USER = True 74 76 75 # Cache group memberships for an hour to minimize LDAP traffic76 AUTH_LDAP_CACHE_GROUPS = True77 AUTH_LDAP_GROUP_CACHE_TIMEOUT = 360077 # Cache group memberships for an hour to minimize LDAP traffic 78 AUTH_LDAP_CACHE_GROUPS = True 79 AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600 78 80 79 # Keep ModelBackend around for per-user permissions and maybe a local80 # superuser.81 AUTHENTICATION_BACKENDS = (82 'django_auth_ldap.backend.LDAPBackend',83 'django.contrib.auth.backends.ModelBackend',84 )81 # Keep ModelBackend around for per-user permissions and maybe a local 82 # superuser. 83 AUTHENTICATION_BACKENDS = ( 84 'django_auth_ldap.backend.LDAPBackend', 85 'django.contrib.auth.backends.ModelBackend', 86 ) 85 87 # 86 88 # </AUTH AGAINST LDAP>
Note: See TracChangeset
for help on using the changeset viewer.