oss/Radicale
oss/Radicale
1
0
Fork 0
mirror of https://github.com/Kozea/Radicale.git synced 2025-06-26 16:45:52 +00:00
Code Wiki Activity
2799 commits 5 branches 81 tags 7.4 MiB
Commit graph

24 commits

Author SHA1 Message Date
Peter Marschall
99f5ec389d LDAP auth: indroduce config option 'ldap_user_attribute' 
This option gives us
- flexible authentication options where the name used for logging on
  does not have to be the account name
  e.g. use ldap_filter = (&(obhjectclass=inetOrgperson)(|(cn={0]})(mail={0})))
  to allow loginng on using the cn or the mail address
- automatically consistent / canonicalized username values
  (i.e. exactly the way the LDAP server returns them)
 2025-01-02 12:05:39 +01:00
Peter Marschall
0253682c00 LDAP auth: do not blindly assume groups have a 2-letter naming attribute 
Instead, strip away everything before (and including) the '=' sign of ther RDN.
 2025-01-02 12:05:39 +01:00
Peter Marschall
8c2feb4726 LDAP auth: escape values used in LDAP filters to avoid possible injection of malicious code. 2025-01-02 12:05:39 +01:00
Peter Marschall
c243ae4ebf LDAP auth: require exactly one result when searching for the LDAP user DN 
This makes sure not fail securely when the query returns multiple entries

- correct grammar in some cases
- we're doing _authentication here, not authorization
- uppercase LDAP in messages & comments
- rename variable _ldap_version to _ldap_module_version
  to avoid misunderstanding it as LDAP's protocol version
- align formatting & messages better between _login2() and _login3()
 2025-01-02 12:05:39 +01:00
Peter Marschall
6f82333ff7 LDAP auth: harmonize _login2() and _login3() methods 2025-01-02 12:05:32 +01:00
Peter Marschall
b22038c746 LDAP auth: a little bit of cleanup 
- correct grammar in some cases
- we're doing authentication here, not authorization
- uppercase LDAP in messages & comments
- rename variable _ldap_version to _ldap_module_version
  to avoid misunderstanding it as LDAP's protocol version
 2024-12-29 17:36:01 +01:00
IM
7df2fb35a7 Disable overloading BaseAuth login method 2024-12-25 21:56:04 +03:00
Peter Bieringer
886f4ee8d0 make tox happy 2024-12-14 09:09:36 +01:00
Peter Bieringer
46acbfd987 Improve: auth.ldap config shown on startup, terminate in case no password is supplied for bind user 2024-12-14 09:04:15 +01:00
Peter Bieringer
0e0592e3b8 extend copyright 2024-12-14 09:02:36 +01:00
Bishtawi
ee2af306d7 Support loading ldap secret from file 2024-11-05 00:35:36 -08:00
Peter Bieringer
687624a403 fix spelling 2024-11-02 13:23:41 +01:00
Dipl. Ing. Péter Varkoly
e887b06d21 Fix syntax 2024-09-23 15:49:58 +02:00
Dipl. Ing. Péter Varkoly
b1c682de57 Enhance docomentation. 
Fix imports
 2024-09-23 15:46:08 +02:00
Dipl. Ing. Péter Varkoly
0feca04086 Implementing ssl connection for ldap auth 2024-09-23 10:19:50 +02:00
Dipl. Ing. Péter Varkoly
645619bac8 Fix format string 2024-09-17 09:33:31 +02:00
Dipl. Ing. Péter Varkoly
b081b3ea06 Fix issue #197 [ERROR] An exception occurred during GET request on '/.web/': string indices must be integers, not 'str' when using LDAP 
Enhance logging
 2024-09-17 09:25:38 +02:00
Dipl. Ing. Péter Varkoly
e05fbeb950 Apply suggestions of mypy 2024-09-11 09:13:26 +02:00
Dipl. Ing. Péter Varkoly
d75b071fec Fix the problems found by flake8. 2024-09-11 08:12:08 +02:00
Dipl. Ing. Péter Varkoly
5cb16a3a2d Fix syntax 2024-09-09 09:42:30 +02:00
Dipl. Ing. Péter Varkoly
8b8d7729a2 Now ldap auth can use ldap and ldap3 also. 2024-08-26 14:16:40 +02:00
Peter Varkoly
8d19fd7a64 Now rights can be add to user groups too. 2022-02-21 17:15:21 +01:00
Dipl. Ing. Péter Varkoly
eda8309a04 Implementing group based collection matching. 
Optimize rights evaluation.
 2022-02-21 08:36:10 +01:00
Peter Varkoly
2dc0fd29dc Initial version of ldap authentication backend. 2022-02-19 11:57:58 +01:00