Menu
▾
▴
python-ldap-dev
|
From: <ygo...@dc...> - 2010-04-17 15:39:57
|
Hi, I'm a member of GrudeSL (Free Software Development Group) at UFBA (Federal University of Bahia). We were trying to integrate our new Django site authentication with the existing LDAP server, so we ran for python-ldap and I can say it does its job very well (thank you very much! :D). But, we are unable to connect using ldap.open() because our server use the non-standardized LDAP over SSL scheme "ldaps", along with LDAPv3. Although it worked when we used ldap.initialize(). So I wrote a patch [1] that fix this tiny little issue, while mantaining backward compatibility. I hope you find it useful. [1] - http://pastebin.com/HxtgRAzg Best regards, -- Ygor Mutti (http://icaju.com - @Mamutti) |
|
From: Michael S. <mi...@st...> - 2010-04-17 16:03:15
|
ygo...@dc... wrote:
> I'm a member of GrudeSL (Free Software Development Group) at UFBA
> (Federal University of Bahia). We were trying to integrate our new
> Django site authentication with the existing LDAP server, so we ran
> for python-ldap and I can say it does its job very well (thank you
> very much! :D).
>
> But, we are unable to connect using ldap.open() because our server use
> the non-standardized LDAP over SSL scheme "ldaps", along with LDAPv3.
> Although it worked when we used ldap.initialize(). So I wrote a patch
> [1] that fix this tiny little issue, while mantaining backward
> compatibility.
Using ldap.open() is deprecated for quite a while now. python-ldap
applications still using this function should be fixed.
Frankly I fail to see the benefit of avoiding the use of ldap.initialize(). In
both cases you have to change the application (Django in your case) to make
proper use of either ldap.open(...,ssl=True) or
ldap.initialize('ldaps://...'). In the first case it won't work with unpatched
python-ldap.
=> I reject this patch.
Maybe I've overlooked something though.
(Hopefully this does not discourage to submit patches in the future though.)
> [1] - http://pastebin.com/HxtgRAzg
Feel free to submit patches as attachments to the mailing list next time.
Since then they get properly archived.
Ciao, Michael.
|
|
From: <ygo...@dc...> - 2010-04-17 16:58:14
|
Michael Ströder <mi...@st...>: > Using ldap.open() is deprecated for quite a while now. python-ldap > applications still using this function should be fixed. In this case, I think ldap.open() must raise a DeprecationWarning. Don't you? -- Ygor Mutti (http://icaju.com - @Mamutti) |
|
From: Michael S. <mi...@st...> - 2010-04-17 17:28:42
|
ygo...@dc... wrote: > Michael Ströder <mi...@st...>: > >> Using ldap.open() is deprecated for quite a while now. python-ldap >> applications still using this function should be fixed. > > In this case, I think ldap.open() must raise a DeprecationWarning. Don't > you? Yes, you're right. I would accept such a patch. ;-) At least it's documented: http://www.python-ldap.org/doc/html/ldap.html#ldap.open Ciao, Michael. |
|
From: <ygo...@dc...> - 2010-04-17 20:04:37
Attachments:
functions.patch
|
Michael Ströder <mi...@st...>: > Yes, you're right. I would accept such a patch. ;-) > > At least it's documented: > > http://www.python-ldap.org/doc/html/ldap.html#ldap.open I was using ldap.open because there are many code samples where it's still used, in the tubes. The new patch is attached. I hope to contribute with bigger patches in future. :) Thank you for the attention. -- Ygor Mutti (http://icaju.com - @Mamutti) |
|
From: Michael S. <mi...@st...> - 2010-04-18 12:32:50
|
ygo...@dc... wrote: > Michael Ströder <mi...@st...>: > >> Yes, you're right. I would accept such a patch. ;-) >> >> At least it's documented: >> >> http://www.python-ldap.org/doc/html/ldap.html#ldap.open > > I was using ldap.open because there are many code samples where it's > still used, in the tubes. > > The new patch is attached. Just raising DeprecationWarning exception breaks existing code. I have to reject your patch. ;-) I've checked in a solution which only outputs a warning (just like md5.py does in recent Python releases). So old code should still work. Ciao, Michael. |
|
From: <ygo...@dc...> - 2010-04-19 15:12:26
|
Michael Ströder <mi...@st...>: > Just raising DeprecationWarning exception breaks existing code. I have to > reject your patch. ;-) I understand. > I've checked in a solution which only outputs a warning (just like > md5.py does > in recent Python releases). So old code should still work. I agree that this is a better solution for now. BTW, python-ldap looks a little bit complicated to use. I wonder if it has other functions just like ldap.open, making the API look more complicated than it actually is. I think it would be nice for python-ldap to have a major release with a simpler API. I'll write a smaller API on top of python-ldap to ease the most frequent use cases (simple authentication, searching, etc). If you like the idea, maybe we can work together on it. Thank you! PS: Sorry for the bad english. -- Ygor Mutti (http://icaju.com - @Mamutti) |
|
From: Adam T. W. <awi...@op...> - 2010-04-19 18:28:48
|
On Mon, 2010-04-19 at 12:12 -0300, ygo...@dc... wrote: > Michael Ströder <mi...@st...>: > > Just raising DeprecationWarning exception breaks existing code. I have to > > reject your patch. ;-) > I understand. > > I've checked in a solution which only outputs a warning (just like > > md5.py does > > in recent Python releases). So old code should still work. > I agree that this is a better solution for now. > BTW, python-ldap looks a little bit complicated to use. I wonder if it > has other functions just like ldap.open, making the API look more > complicated than it actually is. I think it would be nice for > python-ldap to have a major release with a simpler API. > I'll write a smaller API on top of python-ldap to ease the most > frequent use cases (simple authentication, searching, etc). If you > like the idea, maybe we can work together on it. As an LDAP admin for more than a decade.... this is nearly impossible to do without loosing generality [especially authentication; and I expect most applications implement an 'authentication' class anyway]. A search is a single method call, which seems pretty simple to me. Perhaps you should look at the ldaphelper module created by Butcher. <http://aleph-null.tv/article/20080125-1203-175.xml/ldaphelper% 3A-A-Python-Extension-Library-for-python-ldap> It simplifies a few things, at minimal expense. > PS: Sorry for the bad english. |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X