Fix LDAPS connection and LDAP login

2019-12-04 14:53:39 +01:00 · 2019-12-04 14:53:39 +01:00 · 5d748a48e7
parent 67755266cb
commit 5d748a48e7
2 changed files with 15 additions and 3 deletions
--- a/app/login.py
+++ b/app/login.py
@ -69,13 +69,25 @@ def check_in_ldap(user, password):
 	server = sql.get_setting('ldap_server')
 	port = sql.get_setting('ldap_port')
 	ldap_class_search = sql.get_setting('ldap_class_search')
 	root_user = sql.get_setting('ldap_user')
 	root_password = sql.get_setting('ldap_password')
 	ldap_base = sql.get_setting('ldap_base')
 	domain = sql.get_setting('ldap_domain')
 	ldap_search_field = sql.get_setting('ldap_search_field')
 	ldap_user_attribute = sql.get_setting('ldap_user_attribute')
-	l = ldap.initialize("ldap://"+server+':'+port)
+	l = ldap.initialize(server+':'+port)
 	try:
 		l.protocol_version = ldap.VERSION3
 		l.set_option(ldap.OPT_REFERRALS, 0)
-		bind = l.simple_bind_s(ldap_class_search+'='+user, password)
+		bind = l.simple_bind_s(root_user, root_password)
 		criteria = "(&(objectClass="+ldap_class_search+")("+ldap_user_attribute+"="+user+"))"
 		attributes = [ldap_search_field]
 		result = l.search_s(ldap_base, ldap.SCOPE_SUBTREE, criteria, attributes)
 		bind = l.simple_bind_s(result[0][0], password)
 	except ldap.INVALID_CREDENTIALS:
 		print("Content-type: text/html\n")	
 		print('<center><div class="alert alert-danger">Invalid credentials</div><br /><br />')
--- a/app/options.py
+++ b/app/options.py
@ -893,7 +893,7 @@ if form.getvalue('get_ldap_email'):
 	ldap_class_search = sql.get_setting('ldap_class_search')
 	ldap_user_attribute = sql.get_setting('ldap_user_attribute')
-	l = ldap.initialize("ldap://"+server+':'+port)
+	l = ldap.initialize(server+':'+port)
 	try:
 		l.protocol_version = ldap.VERSION3
 		l.set_option(ldap.OPT_REFERRALS, 0)