LDAP directory as authentication backend

Hi there! Many existing orgs have a LDAP directory and it would be convenient to be able to LDAP-backed auth for meta sign in / registration.

I started working on this a few days ago to connects work's directory and will eventually submit patches upstream.

Assigned to
1 year, 2 months ago
10 days ago
No labels applied.

~eschwartz 1 year, 16 days ago

~fnux 1 year, 16 days ago*

Not really: it is possible to use pam_ldap but it creates unwanted side effects on the host system, and makes things complicated. I was cleaning up my local changes when I received the ticket's update notification :-)

~eschwartz 1 year, 16 days ago

Well then, I don't know what your draft looked like before you cleaned it up, but it should be easier to plug in another method now, I think . :)

~azmeuk 10 days ago

For the record:

<azmeuk> I can see there has been ldap support in metasrht one year ago, but it seems to have been rolled back.
<ddevault> yes, the license for the library which was used is not suitable for sourcehut's use
<azmeuk> You mean python-ldap?
<ddevault> probably?
<ddevault> I don't remember which one it was off the top of my head
<azmeuk> They moved to MIT in july
<azmeuk> https://github.com/python-ldap/python-ldap/pull/417
<ddevault> only for future contributions
<ddevault> any code which was written by anyone who didn't explicitly agree to the change, prior to the change, remains under the incompatible license
<azmeuk> I see.

~fnux 10 days ago

Alternative would be to use https://ldap3.readthedocs.io/en/latest/, an alternative (LGPL) ldap library for python.

Register here or Log in to comment, or comment via email.