Menu
▾
▴
python-ldap-dev
|
From: Ingo S. <st...@un...> - 2004-12-16 12:36:18
|
Hello we are using python-ldap in some of our main projects and are glad to have this great tool. To fulfill our upcomming goals we need to use LDAPControls, but the latest released version of python-ldap doesn't support them. We did some experimental implementations in the C-backend (for "proof of concept") and would now like to define a general approach. This should be done in coordination with you to see our work in upcoming versions of python-ldap. At the moment we need no "complete" implementation, only support for sending an arbitrary OID and the "iscritcal"-Flag. But the implementation should be prepared for optional values and parsing of client-controls. My attempt would defining a python-class LDAPControl (containing OID, iscritcal and value (dictionary)) and implement a correspondig wrapper to *LDAPControl. I think the most diffcult part will be the representation of berval/berelement in python. So, some questions before going further: - is there somebody else implementing this (I didn't look at the cvs) ? - are there already thoughts, definitions or an approach I should know ? - do you know about wrappers between berval/berelement and python ? I'd be glad to get some hints, opinions and feedback. Regards Ingo Steuwer -- Ingo Steuwer st...@un... fon: +49 421 22 232- 0 Entwicklung Linux for Your Business Univention GmbH http://www.univention.de/ fax: +49 421 22 232-99 |
|
From: <mi...@st...> - 2004-12-20 09:25:30
|
Ingo Steuwer wrote: > > To fulfill our upcomming goals we need to use LDAPControls, but the > latest released version of python-ldap doesn't support them. Yes, you'll find a hint in file TODO. > We did some experimental implementations in the C-backend (for "proof of > concept") and would now like to define a general approach. This should > be done in coordination with you to see our work in upcoming versions of > python-ldap. Since I'm not a C programmer (David wrote the C code) I'd be really glad if someone would jump on in and contribute code for LDAP controls and extended operations. I already tried to wrap the arguments whereever appropriate. Please review this. > My attempt would defining a python-class LDAPControl (containing OID, > iscritcal and value (dictionary)) and implement a correspondig wrapper > to *LDAPControl. But value can be a complex ASN.1 structure as well. > I think the most diffcult part will be the > representation of berval/berelement in python. Yes. > - is there somebody else implementing this (I didn't look at the cvs) ? No. And I'm currently rather short on time. I'd highly appreciate your contributions. But note that you should give away copyright for your contributed code. Make sure that your legal department agrees on that. > - are there already thoughts, definitions or an approach I should know ? There are several approaches. 1. Python classes for controls with a method berencode(). This method would be called before passing the controls as argument to the functions in _ldap. This would be the most flexible approach and independent of the underlying OpenLDAP API. Drawbacks are that you need a BER module for this and it's much work for complex controls. 1.a Wrap libber. 1.b Implement a pure Python BER module. Maybe we could get one from a SNMP implementation implemented in Python? 2. We could also wrap the helper functions in libldap (see controls.c, vlvctrl.c, sortctrl.c). But this would add another strong dependency on the OpenLDAP libs. > - do you know about wrappers between berval/berelement and python ? No. You could try to wrap OpenLDAP's libber. Ciao, Michael. |
|
From: Hans A. <Han...@ep...> - 2004-12-20 13:45:08
|
On Monday 20 December 2004 10:01, Michael Str=F6der wrote: > 1.b Implement a pure Python BER module. Maybe we could get one from a > SNMP implementation implemented in Python? I did some research on this topic some time ago. That's the results, as far= as=20 I remember: To me, pySNMP looks fine (feature and license-wise). It is a pure-python=20 package, and the ASN.1 package can be used independently from the rest of t= he=20 pySNMP package, and it has a reasonable size (~100 k). They also implement= =20 (as far as I understand it) not only the snmp-parts of ASN.1 (or their BER= =20 encodings), but try to be generic. On the other hand, I have never tried th= is=20 package... The package and docs are located on sourceforge: http://pysnmp.sourceforge.net/docs/3.4.x/asn1/index.html BTW. pysnmp is also used in twisted... Hans |
|
From: <mi...@st...> - 2004-12-20 19:55:24
|
Hans Aschauer wrote: > On Monday 20 December 2004 10:01, Michael Str=F6der wrote: >=20 >>1.b Implement a pure Python BER module. Maybe we could get one from a >>SNMP implementation implemented in Python? >=20 > To me, pySNMP looks fine (feature and license-wise). I also glanced over it quite a while ago. Do you argue for requiring it=20 as a 3rd-party module? This would be overkill. Hmm, maybe we could=20 convince the author to extract and separately distribute the BER-related = stuff? Ciao, Michael. |
|
From: Ingo S. <st...@un...> - 2005-01-03 10:00:45
|
Am Mo, den 20.12.2004 schrieb Michael Str=F6der um 10:01: > Ingo Steuwer wrote: > >=20 > > To fulfill our upcomming goals we need to use LDAPControls, but the > > latest released version of python-ldap doesn't support them.=20 >=20 > Yes, you'll find a hint in file TODO. >=20 > > We did some experimental implementations in the C-backend (for "proof= of > > concept") and would now like to define a general approach. This shoul= d > > be done in coordination with you to see our work in upcoming versions= of > > python-ldap. >=20 > Since I'm not a C programmer (David wrote the C code) I'd be really gla= d=20 > if someone would jump on in and contribute code for LDAP controls and=20 > extended operations. >=20 > I already tried to wrap the arguments whereever appropriate. Please=20 > review this. >=20 > > My attempt would defining a python-class LDAPControl (containing OID, > > iscritcal and value (dictionary)) and implement a correspondig wrappe= r > > to *LDAPControl. >=20 > But value can be a complex ASN.1 structure as well. >=20 > > I think the most diffcult part will be the > > representation of berval/berelement in python. >=20 > Yes. >=20 > > - is there somebody else implementing this (I didn't look at the cvs)= ? >=20 > No. And I'm currently rather short on time. I'd highly appreciate your=20 > contributions. But note that you should give away copyright for your=20 > contributed code. Make sure that your legal department agrees on that. Sorry for my late answer. It's Ok. > > - are there already thoughts, definitions or an approach I should kno= w ? >=20 > There are several approaches. >=20 > 1. Python classes for controls with a method berencode(). This method=20 > would be called before passing the controls as argument to the function= s=20 > in _ldap. This would be the most flexible approach and independent of=20 > the underlying OpenLDAP API. Drawbacks are that you need a BER module=20 > for this and it's much work for complex controls. >=20 > 1.a Wrap libber. >=20 > 1.b Implement a pure Python BER module. Maybe we could get one from a=20 > SNMP implementation implemented in Python? I'd prefer this way, as mentioned by Hans there are already implementations. In our first attempt we will not include but prepare for them. Ingo Steuwer > 2. We could also wrap the helper functions in libldap (see controls.c,=20 > vlvctrl.c, sortctrl.c). But this would add another strong dependency on= =20 > the OpenLDAP libs. >=20 > > - do you know about wrappers between berval/berelement and python ? >=20 > No. You could try to wrap OpenLDAP's libber. >=20 > Ciao, Michael. --=20 Ingo Steuwer st...@un... fon: +49 421 22 232- 0 Entwicklung Linux for Your Business =20 Univention GmbH http://www.univention.de/ fax: +49 421 22 232-99 |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X