Menu
▾
▴
python-ldap-dev
|
From: Johannes B. <jo...@br...> - 2004-01-26 15:51:00
|
Hello. I use python-ldap with SASL/Digest-MD5 authentication. With each sasl_bind_s() I get output like: SASL/DIGEST-MD5 authentication started SASL username: admin@gandalf SASL SSF: 128 SASL installing layers Is there a way to suppress this output (maybe with some option, I can set with set_option())? Thanks in advance, jojo. |
|
From: <mi...@st...> - 2004-01-26 16:42:15
|
Johannes Beigel wrote: > > I use python-ldap with SASL/Digest-MD5 authentication. With each > sasl_bind_s() I get output like: > > SASL/DIGEST-MD5 authentication started > SASL username: admin@gandalf > SASL SSF: 128 > SASL installing layers Post your code. Watch out for: ldap.initialize(... , trace_level=) and ldap.set_option(ldap.OPT_DEBUG_LEVEL, ... ) Ciao, Michael. |
|
From: Johannes B. <jo...@br...> - 2004-01-31 05:25:10
|
Hi. Michael Ströder wrote: > Johannes Beigel wrote: >> I use python-ldap with SASL/Digest-MD5 authentication. With each >> sasl_bind_s() I get output like: >> >> SASL/DIGEST-MD5 authentication started >> SASL username: admin@gandalf >> SASL SSF: 128 >> SASL installing layers > Post your code. Sorry, I forgot. The relevant code snippet is this: self.ldap = ldap.initialize(uri) sasl = ldap.sasl.digest_md5(ADMIN_WITH_REALM, ADMIN_PW) self.ldap.sasl_bind_s(ADMIN_DN, sasl) After reading your mail, I also tried the following lines instead of the simple call to ldap.initialize() without a change in the output of the program: self.ldap = ldap.initialize(uri, trace_level=0) self.ldap.set_option(ldap.OPT_DEBUG_LEVEL, 0) But I guess, 0 is the default value for OPT_DEBUG_LEVEL and trace_level anyway. (For trace_level this is documented in python-ldap documentation.) Ciao, jojo. |
|
From: <mi...@st...> - 2004-01-31 12:29:21
|
Johannes Beigel wrote: > > self.ldap = ldap.initialize(uri, trace_level=0) > self.ldap.set_option(ldap.OPT_DEBUG_LEVEL, 0) Try to set this globally not only in your LDAPObject instance: ldap.set_option(ldap.OPT_DEBUG_LEVEL, 0) Ciao, Michael. |
|
From: Johannes B. <jo...@br...> - 2004-02-02 10:42:49
|
Hi. [Sorry about the delay in my responses, but I'm only part-time working in my company and I don't read my email every day.] Michael Ströder wrote: > Try to set this globally not only in your LDAPObject instance: > > ldap.set_option(ldap.OPT_DEBUG_LEVEL, 0) Makes no difference (same output). I tried to set the option at different places (before and after initialize()/digest_md5()/ sasl_bind_s(), but that yields all the same result). I use python-ldap, OpenLDAP and libsasl on a Debian (woody/sid) system. Maybe libsasl is compiled with debugging output turned on there? I also noticed the option "-Q" to enable "SASL quiet mode" in the tool ldapsearch. Without this flag, ldapsearch produces the same output as my Python program. Another question regarding SASL: Is there a python-ldap build for windows with SASL-support? (Or: Are there any precompiled versions of the Cyrus SASL library?) Ciao, jojo. |
|
From: Mauro C. <mci...@li...> - 2004-02-02 12:48:13
|
Johannes Beigel wrote: > Another question regarding SASL: Is there a python-ldap build for > windows with SASL-support? (Or: Are there any precompiled versions of > the Cyrus SASL library?) I should have one, if you're interested, but absolutely untested. Mauro |
|
From: <mi...@st...> - 2004-02-04 14:08:26
|
Johannes Beigel wrote: > Maybe libsasl is compiled with debugging output turned on there? I also > noticed the option "-Q" to enable "SASL quiet mode" in the tool > ldapsearch. Without this flag, ldapsearch produces the same output as my > Python program. Well, on my system I don't have such a noisy SASL debugging output. Even when I compiled it myself. So maybe it's your local SASL installation. Maybe you have time to dig into the OpenLDAP sources to find out what this -Q switch really does. We can then decide whether it's feasible to expose that in python-ldap. Ciao, Michael. |
|
From: Joao S. O. B. <gw...@mp...> - 2004-02-01 15:09:08
|
Hi there, I apologize to posting this usage message to the devel list, but it is my most handy resource right now: Which is the best way to check if a given connection is still alive? Maybe try a search with SCOPE_BASE in a node, and check for a time out? I'd need it not to be expensive to the ldap server, neither to delay the thread. Regards, JS -><- |
|
From: <mi...@st...> - 2004-02-02 20:43:06
|
Joao S. O. Bueno wrote: > > I apologize to posting this usage message to the devel list, but > it is my most handy resource right now: It's the only mailing list for python-ldap. So you're welcome to post here. But please use an appropriate subject line for your own topic. Thanks. > Which is the best way to check if a given connection is still alive? > Maybe try a search with SCOPE_BASE in a node, and check for a time > out? I'd need it not to be expensive to the ldap server, neither to > delay the thread. When I'm doing LDAP programming coaching this is a frequently asked question. My answer is always: Don't do it. It's a bad habit. Implement proper reconnecting instead. BTW: That's what ldap.ldapobject.ReconnectLDAPObject is for. But you have to understand what you're doing. And you have to understand the security implications of storing credentials in the ReconnectLDAPObject instance especially when pickling the instance on disk. Ciao, Michael. |
|
From: Joao S. O. B. <gw...@mp...> - 2004-02-02 23:09:15
|
Hi, Thank you for the overview, Michael. Sorry about the message subject. Of course I should have posted it=20 with a proper subject, but I just released I had forgotten to change=20 the subject when it was already too late. Tchau, JS -><- On Monday 02 February 2004 05:20, Michael Str=F6der wrote: > Joao S. O. Bueno wrote: > > I apologize to posting this usage message to the devel list, but > > it is my most handy resource right now: > > It's the only mailing list for python-ldap. So you're welcome to > post here. But please use an appropriate subject line for your own > topic. Thanks. > > > Which is the best way to check if a given connection is still > > alive? Maybe try a search with SCOPE_BASE in a node, and check > > for a time out? I'd need it not to be expensive to the ldap > > server, neither to delay the thread. > > When I'm doing LDAP programming coaching this is a frequently asked > question. > > My answer is always: Don't do it. It's a bad habit. Implement > proper reconnecting instead. > > BTW: That's what ldap.ldapobject.ReconnectLDAPObject is for. But > you have to understand what you're doing. And you have to > understand the security implications of storing credentials in the > ReconnectLDAPObject instance especially when pickling the instance > on disk. > > Ciao, Michael. > |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X