Re: [Kimchi-devel] [PATCHv3 3/8] Add LDAP authentication
On 10-11-2014 05:09, lvroyce(a)linux.vnet.ibm.com wrote:
+ try:
+ try:
+ result = connect.search_s(
+ ldap_search_base, ldap.SCOPE_SUBTREE, ldap_search_filter)
+ if len(result) == 0:
+ entity = ldap_search_filter % {'username': username}
+ raise ldap.LDAPError("Invalid ldap entity:%s" % entity)
+ except ldap.NO_SUCH_OBJECT:
+ # ldap search base specified wrongly.
+ raise ldap.LDAPError(
+ "invalid ldap search base %s" % ldap_search_base)
+
+ try:
+ connect.bind_s(result[0][0], password)
+ except ldap.INVALID_CREDENTIALS:
+ # invalid user password
+ raise ldap.LDAPError("invalid user/passwd")
+ connect.unbind_s()
+ return True
+ except ldap.LDAPError, e:
+ arg = {"username": username, "code": e.message}
+ raise OperationFailed("KCHAUTH0001E", arg)
I think the code would look better without the external try/except block.