no TLS support
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
repoze.who LDAP plugin |
Fix Committed
|
High
|
Gustavo Narea |
Bug Description
Hi,
If i'm correct it is not possible to use TLS connections in the current version.
The make_ldap_
>>> import ldap
>>> con = ldap.initialize
>>> con.set_
The default in python-ldap seems to be not to use TLS (even if it might be availible). There should probably be a config setting start_tls or so with possible values of at least: never (default for compatibility?), allow, demand. Another cool touch would be server certificate verification.
I might be following with a short patch.
Ok, sorry for that. I might have misread the docs.
"By passing an existing LDAPObject, you're free to use the LDAP authentication method you want, the way you want."
Still doesn't that mean i have to configure everything in python code to have TLS? Maybe a config setting should be provided for convienice then... No one uses unencrypted connections in production and for whatever reasons SSL is not always enabled.