Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.92) (envelope-from ) id 1jE98i-0007rx-5e for pgadmin-hackers@arkaria.postgresql.org; Tue, 17 Mar 2020 10:08:00 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.89) (envelope-from ) id 1jE98g-0005jv-Vp for pgadmin-hackers@arkaria.postgresql.org; Tue, 17 Mar 2020 10:07:58 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.89) (envelope-from ) id 1jE98g-0005jo-Go for pgadmin-hackers@lists.postgresql.org; Tue, 17 Mar 2020 10:07:58 +0000 Received: from mail-qk1-x72b.google.com ([2607:f8b0:4864:20::72b]) by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1jE98Z-0001Wr-Iy for pgadmin-hackers@postgresql.org; Tue, 17 Mar 2020 10:07:57 +0000 Received: by mail-qk1-x72b.google.com with SMTP id d8so31416621qka.2 for ; Tue, 17 Mar 2020 03:07:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=enterprisedb-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4H9LZTo7eg1cZdrNr0TGGfTmk6QFpI3npItvfl0DO0I=; b=yh26sUMeTNttvxR2t+UjEDNNccag6QfI9XPmcKTY7kj6cWgKQct+oASXF1/U5kk8GR dlQhDFY1FNmo9eplqI8LkDes6fk6onhSvA8S+Mjp3rDWrZNLxPazeA84Vv7fDitd8oQZ UnRCVa0XAj03gVvBvLRfp74A7zV5IJcCY1aDOyHNPgfbfK62EUIshy9yvKH0aRqv98Eb B+K7wNRO0aSI6Ce+OiOMxGHw7phwM1JGpgkdrYMtbOGPal5ByQg2Ew2Ggnn8d1rElTP5 qJGq28z4P8fAoK81PoNVZuVMCalIiVC9gqu2XC5qzVbeYmSRpXDJheDcRYXloAGhl+fX oU1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4H9LZTo7eg1cZdrNr0TGGfTmk6QFpI3npItvfl0DO0I=; b=PruG4suZFsETO2I9dQk81SfT+B6W+buJRAtC/kFQ77y2HPwtrFw36pbQqjt+J2DKzU 8OzkbsWP8mxKguofyVxdzG3+5JxqgPStIn/ICJ++obGM5cM785UmmfBh0rex4Tqm2FTb L5qq8uS5CWksnu8wVbRUNM9KmMfoSAHSMxo2Xyv372f38Ma4u50j/z9JYkI4JRQJxh/o zwHp2SQsYDW3w2jrZVZqdcPjupqmgNOJ6LATHkMmtwOWXB/3ZKZbeT+McRId4mULpncH Q6PK8prZYylJFKW1ojWHptEcIB1rMbCtHrnJGWeyLNrdYECWO1Prl7LgWMBscolBPAYO aRQw== X-Gm-Message-State: ANhLgQ3NA/AcxWG6JQA8S7mT7bVsbue508LfI5GxqP3Zp233wS6L0lxz DN2TUqv5zh59Xzdq6tnU8O4GJCmIgWZIkFswB1JKYSol2PAOGns8NTaLQHhGZepX/RnB2a49NJx pX96HRBY7CG9MKj5vi/mBM84T9jWZARKuTooF5c4Hwd0swEcY97eB9XgvsCGcx36dONwMEcDt96 WSpiyjNeYDdh7aFjdZknCnYpwrwMfRZvmLHHLloM8HJcd1JrMbQ64= X-Google-Smtp-Source: ADFU+vuljLxNuRqTel147JGw3m424mtpjKvjM5L5Wf7ZF8fCqMHeUHzSFApuoi2v9tqsmpvvRPOOLEQQ5QmH5rNrqPM= X-Received: by 2002:a37:664d:: with SMTP id a74mr3820865qkc.256.1584439670031; Tue, 17 Mar 2020 03:07:50 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: navnath gadakh Date: Tue, 17 Mar 2020 15:36:47 +0530 Message-ID: Subject: Re: [pgAdmin4][Patch] - RM 2186 - Support external authentication sources [LDAP] To: Khushboo Vashi Cc: pgadmin-hackers Content-Type: multipart/alternative; boundary="000000000000b35f5605a10a1b40" X-CLOUD-SEC-AV-Info: edb,google_mail,monitor X-CLOUD-SEC-AV-Sent: true X-Gm-Spam: 0 X-Gm-Phishy: 0 List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Precedence: bulk --000000000000b35f5605a10a1b40 Content-Type: text/plain; charset="UTF-8" Hi Khushboo, I think there is no use of + if app is not None: + AuthSourceRegistry.load_auth_sources() + in get_auth_sources() function. On Tue, Mar 17, 2020 at 2:25 PM Khushboo Vashi < khushboo.vashi@enterprisedb.com> wrote: > Hi, > > Please find the attached patch to support LDAP Authentication in Server > mode. > To test the patch, config_auth.py needs to be configured for LDAP > configurations. The config settings are explained in this file in detail. > After configuring the parameters, start the pgadmin server in Server mode > and connect with LDAP server with the valid user via login page. > > I have tested this patch with ldap and ldap + ssl/tls. With the TLS, I > have used the default config of ldap3 without certificates. > > @Dave, can you please review this patch, as you have a better > understanding of LDAP and you can easily pointed out if I have missed > anything. > > Note: For the document update I will create the task and assign to Nidhi > for the same. > > Thanks, > Khushboo > -- *-- Navnath* --000000000000b35f5605a10a1b40 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi Khushboo,<= /div>
=C2=A0 =C2=A0 =C2=A0 =C2=A0I think there is no use o= f=C2=A0

+ =C2=A0 =C2=A0if app is not None:
+ =C2=A0 =C2=A0 =C2=A0 =C2=A0AuthSourceRegi= stry.load_auth_sources()
+

in=C2=A0get_auth= _sources() function.


On = Tue, Mar 17, 2020 at 2:25 PM Khushboo Vashi <khushboo.vashi@enterprisedb.com> wrote:
<= /div>
Hi,

Please find t= he attached patch to support LDAP Authentication in Server mode.
= To test the patch, config_auth.py needs to be configured for LDAP configura= tions. The config settings are explained in this file in detail. After conf= iguring the parameters, start the pgadmin server in Server mode and connect= with LDAP server with the valid user via login page.

<= div>I have tested this patch with ldap and ldap=C2=A0+ ssl/tls. With the TL= S, I have used the default config of ldap3 without certificates.
=
@Dave, can you please review this patch, as you have a bette= r understanding of LDAP and you can easily pointed out if I have missed any= thing.

Note: For the document update I will create= the task and assign to Nidhi for the same.

=
Thanks,
Khushboo


--
-- Navnath
=
--000000000000b35f5605a10a1b40--