authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2016-05-04 14:23:41 +0200
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2016-05-04 14:23:41 +0200
commit6156015e29566c2381fa680b478c21bf66defc1a (patch)
tree1bcb32aa7acc1b08913b48c9672988540f265d8f
parent19abcc43f18cf1232815d0dd987296a8d0ada13d (diff)
downloadpykolab-6156015e29566c2381fa680b478c21bf66defc1a.tar.gz
Revert "Fix binding current user after LDAP reconnection (T1171)"
This reverts commit a97671344872a40308ce709b2a8810bee37b4d83.
-rw-r--r--pykolab/auth/ldap/__init__.py55
1 files changed, 33 insertions, 22 deletions
diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index 64fa1b5..f9e27ff 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -116,8 +116,7 @@ class LDAP(pykolab.base.Base):
pykolab.base.Base.__init__(self, domain=domain)
self.ldap = None
- self.bind = None
-
+ self.bind = False
if domain == None:
self.domain = conf.get('kolab', 'primary_domain')
else:
@@ -231,7 +230,8 @@ class LDAP(pykolab.base.Base):
# Needs to be synchronous or succeeds and continues setting retval
# to True!!
- retval = self._bind(entry_dn, login[1])
+ self.ldap.simple_bind_s(entry_dn, login[1])
+ retval = True
try:
auth_cache.set_entry(_filter, entry_dn)
except Exception, errmsg:
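Review bot: The direct `self.ldap.simple_bind_s(entry_dn, login[1])` call here, and the identical one in the next hunk (-260), sends the supplied password to the server unchecked and then sets `retval = True` whenever no exception is raised. A simple bind with a DN and an empty password is an unauthenticated bind (RFC 4513, section 5.1.2), which some servers answer with success. The start of this method is outside the hunk, so if nothing earlier rejects an empty `login[1]`, a guard such as `if not login[1]: return False` belongs before the bind (assuming the method returns `retval`). The bind also leaves the shared connection bound as the logging-in user without touching `self.bind`, so a later `_bind()` can log "already bound" and keep running under that user's identity. Adding `self.bind = False` right after the user bind would force the next `_bind()` to restore the service credentials.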
@@ -260,12 +260,13 @@ class LDAP(pykolab.base.Base):
# Needs to be synchronous or succeeds and continues setting retval
# to True!!
- retval = self._bind(entry_dn, login[1])
+ self.ldap.simple_bind_s(entry_dn, login[1])
auth_cache.set_entry(_filter, entry_dn)
+ retval = True
except ldap.NO_SUCH_OBJECT, errmsg:
log.debug(_("Error occured, there is no such object: %r") % (errmsg), level=8)
- self.bind = None
+ self.bind = False
try:
auth_cache.del_entry(_filter)
except:
@@ -980,11 +981,8 @@ class LDAP(pykolab.base.Base):
return entry_modifications
def reconnect(self):
- bind = self.bind
self._disconnect()
self.connect()
- if bind is not None:
- self._bind(bind['dn'], bind['pw'])
def search_entry_by_attribute(self, attr, value, **kw):
self._bind()
@@ -1185,33 +1183,27 @@ class LDAP(pykolab.base.Base):
### API depth level increasing!
###
- def _bind(self, bind_dn=None, bind_pw=None):
+ def _bind(self):
if self.ldap == None:
self.connect()
- if self.bind is None or bind_dn is None:
- if bind_dn is None:
- bind_dn = self.config_get('bind_dn')
- if bind_pw is None:
- bind_pw = self.config_get('bind_pw')
+ if not self.bind:
+ bind_dn = self.config_get('bind_dn')
+ bind_pw = self.config_get('bind_pw')
# TODO: Binding errors control
try:
self.ldap.simple_bind_s(bind_dn, bind_pw)
- self.bind = {'dn': bind_dn, 'pw': bind_pw}
+ self.bind = True
except ldap.SERVER_DOWN, errmsg:
log.error(_("LDAP server unavailable: %r") % (errmsg))
log.error(_("%s") % (traceback.format_exc()))
- return False
except ldap.INVALID_CREDENTIALS:
log.error(_("Invalid DN, username and/or password."))
- return False
else:
log.debug(_("_bind called, but already bound"), level=9)
- return True
-
def _change_add_group(self, entry, change):
"""
An entry of type group was added.
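Review bot: Both `except` branches in the new `_bind()` only log and fall through, so callers get `None` on success and on failure alike and cannot tell that the service bind did not happen. Callers such as `search_entry_by_attribute` call `self._bind()` and continue, which means later operations would run on an unbound connection, at whatever access the directory grants to anonymous clients. The list-domains hunk further down already raises on the same condition, so the `ldap.SERVER_DOWN` handler could end with `raise AuthBackendError, _("Authentication database DOWN")`, and the `ldap.INVALID_CREDENTIALS` handler with a bare `raise`. The existing `# TODO: Binding errors control` comment should also state which of these failures callers are expected to handle.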
@@ -2083,7 +2075,7 @@ class LDAP(pykolab.base.Base):
self._unbind()
del self.ldap
self.ldap = None
- self.bind = None
+ self.bind = False
def _domain_naming_context(self, domain):
self._bind()
@@ -2276,7 +2268,11 @@ class LDAP(pykolab.base.Base):
log.debug(_("Finding domain root dn for domain %s") % (domain), level=8)
+ bind_dn = conf.get('ldap', 'bind_dn')
+ bind_pw = conf.get('ldap', 'bind_pw')
+
domain_base_dn = conf.get('ldap', 'domain_base_dn', quiet=True)
+
domain_filter = conf.get('ldap', 'domain_filter')
if not domain_filter == None:
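Review bot: The added `bind_dn` and `bind_pw` are not used anywhere in the visible lines, so the service password is read into a local for no apparent purpose. The rest of the function is outside the hunk; if nothing below binds with them, both lines should be dropped. They are also read with `conf.get('ldap', 'bind_dn')`, while `_bind()` uses `self.config_get('bind_dn')`. If `config_get` resolves per-domain settings, the two paths could end up using different credentials, so one lookup should be used consistently.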
@@ -2357,7 +2353,9 @@ class LDAP(pykolab.base.Base):
log.debug(_("Listing domains..."), level=8)
self.connect()
- self._bind()
+
+ bind_dn = conf.get('ldap', 'bind_dn')
+ bind_pw = conf.get('ldap', 'bind_pw')
domain_base_dn = conf.get('ldap', 'domain_base_dn', quiet=True)
@@ -2375,6 +2373,12 @@ class LDAP(pykolab.base.Base):
if domain_base_dn == None or domain_filter == None:
return []
+ # TODO: this function should be wrapped for error handling
+ try:
+ self.ldap.simple_bind_s(bind_dn, bind_pw)
+ except ldap.SERVER_DOWN, e:
+ raise AuthBackendError, _("Authentication database DOWN")
+
dna = self.config_get('domain_name_attribute')
if dna == None:
dna = 'associateddomain'
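Review bot: This inline `simple_bind_s` handles only `ldap.SERVER_DOWN`, so a rejected service password (`ldap.INVALID_CREDENTIALS`) escapes as a raw python-ldap exception rather than `AuthBackendError`. The caught exception `e` is discarded without being logged, which loses the server's reason; `log.error(_("LDAP server unavailable: %r") % (e))` before the `raise` would keep it. Because the bind bypasses `_bind()`, `self.bind` is not updated and the next `_bind()` call will bind a second time. Restoring the `self._bind()` call removed in the previous hunk (-2357) and giving `_bind()` the error handling would keep the credential lookup and the bind state in one place.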
@@ -2411,6 +2415,13 @@ class LDAP(pykolab.base.Base):
return domains
+ def _reconnect(self):
+ """
+ Reconnect to LDAP
+ """
+ self._disconnect()
+ self.connect()
+
def _synchronize_callback(self, *args, **kw):
"""
Determine the characteristics of the callback being placed, and
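Review bot: The new `_reconnect()` has the same two calls as `reconnect()` after this commit (hunk -980), so the class now carries two methods that must be kept in step by hand. One should delegate to the other, for example `def _reconnect(self): return self.reconnect()`. The docstring should also say that the connection comes back without the previous bind: `_disconnect()` resets `self.bind` to `False`, so callers must go through `_bind()` before any operation that needs the service identity. Whether `connect()` itself binds is not visible here.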
@@ -2531,7 +2542,7 @@ class LDAP(pykolab.base.Base):
"""
self.ldap.unbind()
- self.bind = None
+ self.bind = False
###
### Backend search functions