no TLS support
Bug #489557 reported by
Maciej Kazulak
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| repoze.who LDAP plugin |
Fix Committed
|
High
|
Gustavo Narea | ||
Bug Description
Hi,
If i'm correct it is not possible to use TLS connections in the current version.
The make_ldap_
>>> import ldap
>>> con = ldap.initialize
>>> con.set_
The default in python-ldap seems to be not to use TLS (even if it might be availible). There should probably be a config setting start_tls or so with possible values of at least: never (default for compatibility?), allow, demand. Another cool touch would be server certificate verification.
I might be following with a short patch.
Revision history for this message
| Maciej Kazulak (kazulakm) wrote | #1 |
Revision history for this message
| Gustavo Narea (gnarea) wrote | #2 |
| Changed in repoze.who.plugins.ldap: | |
| status: | New → Fix Committed |
| assignee: | nobody → Gustavo Narea (gnarea) |
| importance: | Undecided → High |
| milestone: | none → 1.1 |
To post a comment you must log in.
Ok, sorry for that. I might have misread the docs.
"By passing an existing LDAPObject, you're free to use the LDAP authentication method you want, the way you want."
Still doesn't that mean i have to configure everything in python code to have TLS? Maybe a config setting should be provided for convienice then... No one uses unencrypted connections in production and for whatever reasons SSL is not always enabled.