[Moin-user] Question about the auth module
Dexter Arver
counterpoke at gmail.com
Fri Nov 3 18:37:59 EST 2006
Hello!
I am trying to change the ldap authentication module in auth.py. Basically,
I am trying to enforce a group membership policy.
To do this, I have added the following code to auth.py (ldap_login function,
after ldap_dict is declared):
{{{
try:
request.log("MEMBER %s" %
ldap_dict['memberOf'].index("CN=necgroup,CN=Us
ers,DC=somedomain,DC=com"))
except:
request.log("NOT A MEMEBER of necgroup!")
else:
return user_obj, True
}}}
The try line will cause an exception if the user is not a member of
necgroup. But even with this code, the user is still being authenticated.
How do I make it so that this function will not allow the user to
authenticate? I tried doing a {{{return None}}}, but it doesn't seem to do
anything to stop the user from authenticating :(
-Dexter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/moin-user/attachments/20061103/4fe19a27/attachment.html>
More information about the Moin-user
mailing list