How do do strong authentication on LDAP connection?
Jacek Konieczny
jajcus at bnet.pl
Sat Mar 30 12:50:34 CET 2002
On Sat, Mar 30, 2002 at 12:10:09PM +0800, Dirksen Lau wrote:
> How to do the strong authentication?
There are two ways:
1. SSL/TLS
==========
Use thing like this (instead of your ldap_open or ldap_initialize):
l=ldap_initialize("ldaps://....");
This will work if your server listens on ldaps port.
If your server listens on ldap port only, but supports TLS, you use it:
l=ldap_initialize("ldap://....")
l.protocol_version=ldap.VERSION3
l.set_option(ldap.OPT_X_TLS,ldap.OPT_X_TLS_DEMAND)
l.start_tls_s()
2. SASL
========
This is not yet supported by python-ldap, but is being worked on.
SASL is a way of doing strong authentication even without encrypting the
whole sessions.
Greets,
Jacek
More information about the python-ldap
mailing list