Browse Source

broke it, fixed it, broken again

seba 10 years ago
parent
commit
2b2db9109a
3 changed files with 159 additions and 1 deletions
  1. 126
    0
      k4ever/data/cacert.txt
  2. 5
    0
      k4ever/main/backend.py
  3. 28
    1
      k4ever/settings.py

+ 126
- 0
k4ever/data/cacert.txt View File

@@ -0,0 +1,126 @@
1
+Certificate:
2
+    Data:
3
+        Version: 3 (0x2)
4
+        Serial Number: 1 (0x1)
5
+        Signature Algorithm: md5WithRSAEncryption
6
+        Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org
7
+        Validity
8
+            Not Before: Oct 14 07:36:55 2005 GMT
9
+            Not After : Mar 28 07:36:55 2033 GMT
10
+        Subject: O=CAcert Inc., OU=http://www.CAcert.org, CN=CAcert Class 3 Root
11
+        Subject Public Key Info:
12
+            Public Key Algorithm: rsaEncryption
13
+            RSA Public Key: (4096 bit)
14
+                Modulus (4096 bit):
15
+                    00:ab:49:35:11:48:7c:d2:26:7e:53:94:cf:43:a9:
16
+                    dd:28:d7:42:2a:8b:f3:87:78:19:58:7c:0f:9e:da:
17
+                    89:7d:e1:fb:eb:72:90:0d:74:a1:96:64:ab:9f:a0:
18
+                    24:99:73:da:e2:55:76:c7:17:7b:f5:04:ac:46:b8:
19
+                    c3:be:7f:64:8d:10:6c:24:f3:61:9c:c0:f2:90:fa:
20
+                    51:e6:f5:69:01:63:c3:0f:56:e2:4a:42:cf:e2:44:
21
+                    8c:25:28:a8:c5:79:09:7d:46:b9:8a:f3:e9:f3:34:
22
+                    29:08:45:e4:1c:9f:cb:94:04:1c:81:a8:14:b3:98:
23
+                    65:c4:43:ec:4e:82:8d:09:d1:bd:aa:5b:8d:92:d0:
24
+                    ec:de:90:c5:7f:0a:c2:e3:eb:e6:31:5a:5e:74:3e:
25
+                    97:33:59:e8:c3:03:3d:60:33:bf:f7:d1:6f:47:c4:
26
+                    cd:ee:62:83:52:6e:2e:08:9a:a4:d9:15:18:91:a6:
27
+                    85:92:47:b0:ae:48:eb:6d:b7:21:ec:85:1a:68:72:
28
+                    35:ab:ff:f0:10:5d:c0:f4:94:a7:6a:d5:3b:92:7e:
29
+                    4c:90:05:7e:93:c1:2c:8b:a4:8e:62:74:15:71:6e:
30
+                    0b:71:03:ea:af:15:38:9a:d4:d2:05:72:6f:8c:f9:
31
+                    2b:eb:5a:72:25:f9:39:46:e3:72:1b:3e:04:c3:64:
32
+                    27:22:10:2a:8a:4f:58:a7:03:ad:be:b4:2e:13:ed:
33
+                    5d:aa:48:d7:d5:7d:d4:2a:7b:5c:fa:46:04:50:e4:
34
+                    cc:0e:42:5b:8c:ed:db:f2:cf:fc:96:93:e0:db:11:
35
+                    36:54:62:34:38:8f:0c:60:9b:3b:97:56:38:ad:f3:
36
+                    d2:5b:8b:a0:5b:ea:4e:96:b8:7c:d7:d5:a0:86:70:
37
+                    40:d3:91:29:b7:a2:3c:ad:f5:8c:bb:cf:1a:92:8a:
38
+                    e4:34:7b:c0:d8:6c:5f:e9:0a:c2:c3:a7:20:9a:5a:
39
+                    df:2c:5d:52:5c:ba:47:d5:9b:ef:24:28:70:38:20:
40
+                    2f:d5:7f:29:c0:b2:41:03:68:92:cc:e0:9c:cc:97:
41
+                    4b:45:ef:3a:10:0a:ab:70:3a:98:95:70:ad:35:b1:
42
+                    ea:85:2b:a4:1c:80:21:31:a9:ae:60:7a:80:26:48:
43
+                    00:b8:01:c0:93:63:55:22:91:3c:56:e7:af:db:3a:
44
+                    25:f3:8f:31:54:ea:26:8b:81:59:f9:a1:d1:53:11:
45
+                    c5:7b:9d:03:f6:74:11:e0:6d:b1:2c:3f:2c:86:91:
46
+                    99:71:9a:a6:77:8b:34:60:d1:14:b4:2c:ac:9d:af:
47
+                    8c:10:d3:9f:c4:6a:f8:6f:13:fc:73:59:f7:66:42:
48
+                    74:1e:8a:e3:f8:dc:d2:6f:98:9c:cb:47:98:95:40:
49
+                    05:fb:e9
50
+                Exponent: 65537 (0x10001)
51
+        X509v3 extensions:
52
+            X509v3 Basic Constraints: critical
53
+                CA:TRUE
54
+            Authority Information Access: 
55
+                OCSP - URI:http://ocsp.CAcert.org/
56
+                CA Issuers - URI:http://www.CAcert.org/ca.crt
57
+
58
+            X509v3 Certificate Policies: 
59
+                Policy: 1.3.6.1.4.1.18506
60
+                  CPS: http://www.CAcert.org/index.php?id=10
61
+
62
+    Signature Algorithm: md5WithRSAEncryption
63
+        7f:08:88:a1:da:1a:50:49:da:89:fb:a1:08:72:f3:8a:f7:1e:
64
+        c4:3a:b4:79:5b:20:30:b1:45:de:c2:5d:d3:65:69:f1:c2:5d:
65
+        54:54:3c:85:5f:b9:7b:42:91:c2:99:fd:1b:51:9b:ab:46:a5:
66
+        a1:10:53:9e:6d:88:ac:73:6e:2c:33:a6:f0:f4:9e:e0:75:c1:
67
+        3e:88:45:a9:e1:66:43:fe:56:5a:d1:7a:41:78:f7:40:da:4a:
68
+        3a:f1:0b:5b:a5:bb:16:06:e6:c2:e7:93:b9:85:4d:97:4f:b1:
69
+        1e:38:43:80:ef:9b:0d:8c:ef:b8:a7:60:00:87:57:7d:1e:44:
70
+        1c:cb:23:ef:9b:3c:99:9d:af:b5:29:1c:45:79:16:96:4d:27:
71
+        6d:f1:1c:6c:c3:c2:55:64:b3:bc:14:e2:f3:a4:1f:1e:32:fc:
72
+        27:15:05:cf:dd:2e:ae:3e:82:61:7b:f0:21:10:18:f6:44:ea:
73
+        53:39:f9:dc:d0:9a:20:e0:c6:bb:e0:bb:5a:4f:c4:99:c8:07:
74
+        bd:b5:bd:a2:db:2e:62:0d:42:34:41:bc:ff:8b:8a:f5:51:22:
75
+        aa:88:30:00:e2:b0:d4:bc:be:65:ba:d5:03:57:79:9b:e8:dc:
76
+        c8:4d:f8:50:ed:91:a5:52:28:a2:ac:fb:36:58:3e:e9:94:2b:
77
+        91:50:87:1b:d6:5e:d6:8c:cc:f7:0f:10:0c:52:4e:d0:16:61:
78
+        e5:e5:0a:6c:bf:17:c7:72:46:57:9c:98:f5:6c:60:63:7a:6f:
79
+        5e:b9:4e:2f:c8:b9:b9:bb:6a:85:bc:98:0d:ed:f9:3e:97:84:
80
+        34:94:ae:00:af:a1:e5:e7:92:6e:4e:bd:f3:e2:d9:14:8b:5c:
81
+        d2:eb:01:6c:a0:17:a5:2d:10:eb:9c:7a:4a:bd:bd:ee:ce:fd:
82
+        ed:22:40:ab:70:38:88:f5:0a:87:6a:c2:ab:05:60:c9:48:05:
83
+        da:53:c1:de:44:77:6a:b3:f3:3c:3c:ed:80:bc:a6:38:4a:29:
84
+        24:5f:fe:59:3b:9b:25:7a:56:63:00:64:b9:5d:a4:62:7d:57:
85
+        36:4f:ad:83:ef:1f:92:53:a0:8e:77:57:dd:e5:61:11:3d:23:
86
+        00:90:4c:3c:fa:a3:60:93:04:a3:af:35:f6:0e:6a:8f:4f:4a:
87
+        60:a7:85:05:6c:46:a1:8f:f4:c7:76:e3:a1:59:57:f7:71:b2:
88
+        c4:6e:14:5c:6d:6d:41:66:df:1b:93:b1:d4:00:c3:ee:cb:cf:
89
+        3c:3d:21:80:a9:5f:63:65:fc:dd:e0:5f:a4:f4:2b:f0:85:71:
90
+        41:d4:67:25:fb:1a:b1:97:ae:d6:99:82:13:41:d2:6e:a5:1b:
91
+        99:27:80:e7:0b:a9:a8:00
92
+-----BEGIN CERTIFICATE-----
93
+MIIGCDCCA/CgAwIBAgIBATANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
94
+IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
95
+IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
96
+Y2FjZXJ0Lm9yZzAeFw0wNTEwMTQwNzM2NTVaFw0zMzAzMjgwNzM2NTVaMFQxFDAS
97
+BgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5v
98
+cmcxHDAaBgNVBAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwggIiMA0GCSqGSIb3DQEB
99
+AQUAA4ICDwAwggIKAoICAQCrSTURSHzSJn5TlM9Dqd0o10Iqi/OHeBlYfA+e2ol9
100
+4fvrcpANdKGWZKufoCSZc9riVXbHF3v1BKxGuMO+f2SNEGwk82GcwPKQ+lHm9WkB
101
+Y8MPVuJKQs/iRIwlKKjFeQl9RrmK8+nzNCkIReQcn8uUBByBqBSzmGXEQ+xOgo0J
102
+0b2qW42S0OzekMV/CsLj6+YxWl50PpczWejDAz1gM7/30W9HxM3uYoNSbi4ImqTZ
103
+FRiRpoWSR7CuSOtttyHshRpocjWr//AQXcD0lKdq1TuSfkyQBX6TwSyLpI5idBVx
104
+bgtxA+qvFTia1NIFcm+M+SvrWnIl+TlG43IbPgTDZCciECqKT1inA62+tC4T7V2q
105
+SNfVfdQqe1z6RgRQ5MwOQluM7dvyz/yWk+DbETZUYjQ4jwxgmzuXVjit89Jbi6Bb
106
+6k6WuHzX1aCGcEDTkSm3ojyt9Yy7zxqSiuQ0e8DYbF/pCsLDpyCaWt8sXVJcukfV
107
+m+8kKHA4IC/VfynAskEDaJLM4JzMl0tF7zoQCqtwOpiVcK01seqFK6QcgCExqa5g
108
+eoAmSAC4AcCTY1UikTxW56/bOiXzjzFU6iaLgVn5odFTEcV7nQP2dBHgbbEsPyyG
109
+kZlxmqZ3izRg0RS0LKydr4wQ05/EavhvE/xzWfdmQnQeiuP43NJvmJzLR5iVQAX7
110
+6QIDAQABo4G/MIG8MA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEEUTBPMCMG
111
+CCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEFBQcwAoYc
112
+aHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBBMD8GCCsGAQQB
113
+gZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5w
114
+aHA/aWQ9MTAwDQYJKoZIhvcNAQEEBQADggIBAH8IiKHaGlBJ2on7oQhy84r3HsQ6
115
+tHlbIDCxRd7CXdNlafHCXVRUPIVfuXtCkcKZ/RtRm6tGpaEQU55tiKxzbiwzpvD0
116
+nuB1wT6IRanhZkP+VlrRekF490DaSjrxC1uluxYG5sLnk7mFTZdPsR44Q4Dvmw2M
117
+77inYACHV30eRBzLI++bPJmdr7UpHEV5FpZNJ23xHGzDwlVks7wU4vOkHx4y/CcV
118
+Bc/dLq4+gmF78CEQGPZE6lM5+dzQmiDgxrvgu1pPxJnIB721vaLbLmINQjRBvP+L
119
+ivVRIqqIMADisNS8vmW61QNXeZvo3MhN+FDtkaVSKKKs+zZYPumUK5FQhxvWXtaM
120
+zPcPEAxSTtAWYeXlCmy/F8dyRlecmPVsYGN6b165Ti/Iubm7aoW8mA3t+T6XhDSU
121
+rgCvoeXnkm5OvfPi2RSLXNLrAWygF6UtEOucekq9ve7O/e0iQKtwOIj1CodqwqsF
122
+YMlIBdpTwd5Ed2qz8zw87YC8pjhKKSRf/lk7myV6VmMAZLldpGJ9VzZPrYPvH5JT
123
+oI53V93lYRE9IwCQTDz6o2CTBKOvNfYOao9PSmCnhQVsRqGP9Md246FZV/dxssRu
124
+FFxtbUFm3xuTsdQAw+7Lzzw9IYCpX2Nl/N3gX6T0K/CFcUHUZyX7GrGXrtaZghNB
125
+0m6lG5kngOcLqagA
126
+-----END CERTIFICATE-----

+ 5
- 0
k4ever/main/backend.py View File

@@ -0,0 +1,5 @@
1
+from django_auth_ldap.backend import LDAPBackend
2
+
3
+CustomLDAPBackend(LDAPBackend):
4
+	def populate_user(username):
5
+		

+ 28
- 1
k4ever/settings.py View File

@@ -1,5 +1,7 @@
1 1
 # Django settings for k4ever project.
2 2
 
3
+import ldap
4
+
3 5
 DEBUG = True
4 6
 TEMPLATE_DEBUG = DEBUG
5 7
 
@@ -60,11 +62,36 @@ ADMIN_MEDIA_PREFIX = '/media/admin/'
60 62
 # Make this unique, and don't share it with anybody.
61 63
 SECRET_KEY = 'l(f*a$l)_n_n_5#lh@rvhv(na^!lj1u#bow=c!*90(1w$5%b^j'
62 64
 
63
-# User Profile / Login stuff
65
+
66
+################################
67
+##    Authentication Block    ##
68
+################################
64 69
 AUTH_PROFILE_MODULE = 'main.UserProfile'
65 70
 LOGIN_URL = '/user/login/'
66 71
 LOGIN_REDIRECT_URL = '/'
67 72
 
73
+AUTHENTICATION_BACKENDS = (
74
+	'main.backend.CustomLDAPBackend',
75
+#	'django_auth_ldap.backend.LDAPBackend',
76
+	'django.contrib.auth.backends.ModelBackend',
77
+)
78
+
79
+# ldap section
80
+AUTH_LDAP_SERVER_URI = 'ldaps://chef.freitagsrunde.org'
81
+AUTH_LDAP_START_TLS = False # we already use LDAPS
82
+AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=freitagsrunde,dc=org"
83
+AUTH_LDAP_USER_ATTR_MAP = {"first_name": "givenName", "last_name": "sn"}
84
+AUTH_LDAP_GLOBAL_OPTIONS = {ldap.OPT_X_TLS_CACERTFILE: "data/cacert.txt"}
85
+
86
+## Nur ein Beispiel, falls technik@ automatisch admin der Kasse werden soll.
87
+#AUTH_LDAP_USER_FLAGS_BY_GROUP = {
88
+##	"is_active": "cn=active,ou=groups,dc=example,dc=com",
89
+#	"is_staff": "cn=staff,ou=groups,dc=example,dc=com",
90
+#	"is_superuser": "cn=superuser,ou=groups,dc=example,dc=com"
91
+#}
92
+
93
+
94
+
68 95
 # List of callables that know how to import templates from various sources.
69 96
 TEMPLATE_LOADERS = (
70 97
     'django.template.loaders.filesystem.Loader',

Loading…
Cancel
Save