[Moin-user] LDAP authentication

Christoph Ludwig ludwig at fh-worms.de
Mon Sep 24 11:21:45 EDT 2007 

Hi,

On Mon, Sep 24, 2007 at 11:07:09AM +0200, Mark.Ziegler at weinig.de wrote:
> we are using MoinMoin now for many years and have a stable, well 
> maintained 1.5.8 installation.
> 
> Since some month we also have an openldap server running. 
> Some sevices like apache, linux boxes and others are using ldap now.
> Next step is MoinMoin and ldap.
> 
> I searched http://moinmoin.wikiwikiweb.de/ for ldap and found a lot of 
> information, but no step-by-step guide.
> 
> My questions would be:
>  * does MoinMoin has LDAP support included? Which resources do I need?

What exactly do you mean by "LDAP support"? MoinMoincomes with code to enable
authentication against an LDAP - look in MoinMoin/auth.py for ldap_login(). 

For some reasons I additionally needed that MoinMoin could create new accounts
in the LDAP and retrieve group members from the LDAP. I therefore patched our
MoinMoin installation (1.5.7) to add these features. Much of this code was
written as part of a 24 hours programming session after a transatlantic 
flight - so it will certainly need some polishing before I can release it to
the public. But if there is interest, then I will do that.

>  * which settings has to be done? Which files has to be edited?

If the existing code in MoinMoin/auth.py meets your needs, then all you need
to edit is your farmconfig.py.

>  * Can someone provide detailed information?

You activate the LDAP login with the lines

    from MoinMoin.auth import moin_cookie, ldap_login
    auth = [ldap_login, moin_cookie]

in your configuration file. Of course, ldap_login also needs to know your LDAP
server's URL, TLS keys and certificates etc. 'grep cfg.ldap_ MoinMoin/auth.py'
gives the following list of available options:
 * ldap_verbose
 * ldap_coding
 * ldap_timeout
 * ldap_start_tls
 * ldap_tls_cacertdir
 * ldap_tls_cacertfile
 * ldap_tls_certfile
 * ldap_tls_keyfile
 * ldap_tls_require_cert
 * ldap_uri
 * ldap_binddn
 * ldap_bindpw
 * ldap_filter
 * ldap_base
 * ldap_scope,
 * ldap_email_attribute
 * ldap_aliasname_attribute
 * ldap_surname_attribute
 * ldap_givenname_attribute


HTH, Regards

Christoph 

-- 
FH Worms - University of Applied Sciences
Fachbereich Informatik / Telekommunikation
Erenburgerstr. 19, 67549 Worms, Germany

More information about the Moin-user mailing list