Changeset 12909 for trunk


Ignore:
Timestamp:
04/21/11 14:19:20 (13 years ago)
Author:
sil
Message:

Added option to setup as a client/server, to include/exclude (for example) LDAP specific settings. fixes #3140

Location:
trunk/sara_cmt/sara_cmt
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/sara_cmt/sara_cmt/cluster/models.py

    r12903 r12909  
    1717from django_extensions.db.fields import CreationDateTimeField, \
    1818                                        ModificationDateTimeField
    19 from sara_cmt import settings
    2019
    2120

  • trunk/sara_cmt/sara_cmt/settings.py

    r12812 r12909  
    99SARACMT_BASE = os.path.normpath(os.path.dirname(__file__))
    1010PROJECT_BASE = os.path.normpath(os.path.join(SARACMT_BASE, os.path.pardir))
     11CLIENT_ONLY = True
    1112
    1213DEBUG = True
     
    3637# <AUTH AGAINST LDAP> (based on http://packages.python.org/django-auth-ldap/)
    3738#
    38 import ldap
    39 from django_auth_ldap.config import LDAPSearch, PosixGroupType
     39if not CLIENT_ONLY:
     40    import ldap
     41    from django_auth_ldap.config import LDAPSearch, PosixGroupType
    4042
    4143
    42 # Baseline configuration.
    43 AUTH_LDAP_SERVER_URI = "ldaps://ldap.cua.sara.nl"
     44    # Baseline configuration.
     45    AUTH_LDAP_SERVER_URI = "ldaps://ldap.cua.sara.nl"
    4446
    45 # Set AUTH_LDAP_USER_DN_TEMPLATE to a template that will produce the
    46 # authenticating user's DN directly. This template should have one
    47 # placeholder, %(user)s.
    48 AUTH_LDAP_USER_DN_TEMPLATE = 'uid=%(user)s,ou=Users,dc=hpcv,dc=sara,dc=nl'
     47    # Set AUTH_LDAP_USER_DN_TEMPLATE to a template that will produce the
     48    # authenticating user's DN directly. This template should have one
     49    # placeholder, %(user)s.
     50    AUTH_LDAP_USER_DN_TEMPLATE = 'uid=%(user)s,ou=Users,dc=hpcv,dc=sara,dc=nl'
    4951
    50 # Set up the basic group parameters.
    51 AUTH_LDAP_GROUP_SEARCH = LDAPSearch('ou=Groups,dc=hpcv,dc=sara,dc=nl',
    52     ldap.SCOPE_SUBTREE, '(objectClass=posixGroup)',
    53 )
    54 AUTH_LDAP_GROUP_TYPE = PosixGroupType()
     52    # Set up the basic group parameters.
     53    AUTH_LDAP_GROUP_SEARCH = LDAPSearch('ou=Groups,dc=hpcv,dc=sara,dc=nl',
     54        ldap.SCOPE_SUBTREE, '(objectClass=posixGroup)',
     55    )
     56    AUTH_LDAP_GROUP_TYPE = PosixGroupType()
    5557
    56 ## Only users in this group can log in.
    57 AUTH_LDAP_REQUIRE_GROUP = 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl'
     58    ## Only users in this group can log in.
     59    AUTH_LDAP_REQUIRE_GROUP = 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl'
    5860
    59 # Populate the Django user from the LDAP directory.
    60 AUTH_LDAP_USER_ATTR_MAP = {
    61     'first_name': 'givenName',
    62     'last_name': 'sn',
    63     'email': 'mail',
    64 }
     61    # Populate the Django user from the LDAP directory.
     62    AUTH_LDAP_USER_ATTR_MAP = {
     63        'first_name': 'givenName',
     64        'last_name': 'sn',
     65        'email': 'mail',
     66    }
    6567
    66 AUTH_LDAP_USER_FLAGS_BY_GROUP = {
    67     'is_active': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl',
    68     'is_staff': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl',
    69     'is_superuser': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl',
    70 }
     68    AUTH_LDAP_USER_FLAGS_BY_GROUP = {
     69        'is_active': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl',
     70        'is_staff': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl',
     71        'is_superuser': 'cn=hpcv_admin,ou=Groups,dc=hpcv,dc=sara,dc=nl',
     72    }
    7173
    72 # This is the default, but I like to be explicit.
    73 AUTH_LDAP_ALWAYS_UPDATE_USER = True
     74    # This is the default, but I like to be explicit.
     75    AUTH_LDAP_ALWAYS_UPDATE_USER = True
    7476
    75 # Cache group memberships for an hour to minimize LDAP traffic
    76 AUTH_LDAP_CACHE_GROUPS = True
    77 AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
     77    # Cache group memberships for an hour to minimize LDAP traffic
     78    AUTH_LDAP_CACHE_GROUPS = True
     79    AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
    7880
    79 # Keep ModelBackend around for per-user permissions and maybe a local
    80 # superuser.
    81 AUTHENTICATION_BACKENDS = (
    82     'django_auth_ldap.backend.LDAPBackend',
    83     'django.contrib.auth.backends.ModelBackend',
    84 )
     81    # Keep ModelBackend around for per-user permissions and maybe a local
     82    # superuser.
     83    AUTHENTICATION_BACKENDS = (
     84        'django_auth_ldap.backend.LDAPBackend',
     85        'django.contrib.auth.backends.ModelBackend',
     86    )
    8587#
    8688# </AUTH AGAINST LDAP>
Note: See TracChangeset for help on using the changeset viewer.