[CalendarServer-dev] [CalendarServer] #260: OpenLDAP

CalendarServer trac at macosforge.org
Tue Jan 6 13:16:11 PST 2009


#260: OpenLDAP
---------------------------------------+------------------------------------
 Reporter:  jusiskin@…                 |       Owner:  wsanchez@…        
     Type:  Feature                    |      Status:  new               
 Priority:  3: Important               |   Milestone:  CalendarServer-2.x
Component:  Calendar Server            |    Severity:  Other             
 Keywords:                             |  
---------------------------------------+------------------------------------

Comment(by rahul@…):

 Replying to [comment:14 soren@…]:
 > Replying to [ticket:260 jusiskin@…]:
 > > To implement OpenLDAP as a directory service.

 Yes it is possible. There is no special configuration for this. Also I
 have a small suggestion. Instead of using pwauth for authentication, PAM
 could be used. Below is a sample implementation of the verifyCredentials
 function.

 {{{
 #!python

 import PAM

 def verifyCredentials(self,credentials):
     """
     Verify that the given credentials can authenticate the principal
     represented by this record.
     @param credentials: the credentials to authenticate with.
     @return: C{True} if the given credentials match this record,
         C{False} otherwise.
     """

     def pam_conv(auth, query_list, userData):
         return [(credentials.password, 0)]

     auth = PAM.pam()
     auth.start("caldav") # PAM service name is "caldav"
     auth.set_item(PAM.PAM_USER, credentials.username)
     auth.set_item(PAM.PAM_CONV, pam_conv)
     try:
         auth.authenticate()
     except PAM.error, resp:
         return False
     else:
         return True

 }}}

-- 
Ticket URL: <http://trac.calendarserver.org/ticket/260#comment:15>
CalendarServer </>
HTTP/WebDAV/CalDAV Server


More information about the calendarserver-dev mailing list