Re: [Kimchi-devel] [PATCHv3 3/8] Add LDAP authentication

12 Nov 2014


      On 10-11-2014 05:09, lvroyce@linux.vnet.ibm.com wrote:
...
+        try:
+            try:
+                result = connect.search_s(
+                    ldap_search_base, ldap.SCOPE_SUBTREE, ldap_search_filter)
+                if len(result) == 0:
+                    entity = ldap_search_filter % {'username': username}
+                    raise ldap.LDAPError("Invalid ldap entity:%s" % entity)
+            except ldap.NO_SUCH_OBJECT:
+                # ldap search base specified wrongly.
+                raise ldap.LDAPError(
+                    "invalid ldap search base %s" % ldap_search_base)
+
+            try:
+                connect.bind_s(result[0][0], password)
+            except ldap.INVALID_CREDENTIALS:
+                # invalid user password
+                raise ldap.LDAPError("invalid user/passwd")
+            connect.unbind_s()
+            return True
+        except ldap.LDAPError, e:
+            arg = {"username": username, "code": e.message}
+            raise OperationFailed("KCHAUTH0001E", arg)
I think the code would look better without the external try/except block.

Re: [Kimchi-devel] [PATCHv3 3/8] Add LDAP authentication

Crístian Viana