4 commits - configure.ac pykolab/auth pykolab/Makefile.am

Jeroen van Meeuwen vanmeeuwen at kolabsys.com
Thu Aug 22 18:54:50 CEST 2013


 configure.ac                    |    4 -
 pykolab/Makefile.am             |    1 
 pykolab/auth/ldap/__init__.py   |  112 ++++++++++++++++++++------------
 pykolab/auth/ldap/auth_cache.py |  138 ++++++++++++++++++++++++++++++++++++++++
 4 files changed, 213 insertions(+), 42 deletions(-)

New commits:
commit e92e65bb9db33e4952238e37a704a17242c11c2a
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Thu Aug 22 16:26:51 2013 +0200

    Don't forget to include the new file, ey?

diff --git a/pykolab/Makefile.am b/pykolab/Makefile.am
index f62bb93..a23aa6e 100644
--- a/pykolab/Makefile.am
+++ b/pykolab/Makefile.am
@@ -8,6 +8,7 @@ pykolab_auth_PYTHON = \
 pykolab_auth_ldapdir = $(pythondir)/$(PACKAGE)/auth/ldap
 pykolab_auth_ldap_PYTHON = \
 	auth/ldap/__init__.py \
+	auth/ldap/auth_cache.py \
 	auth/ldap/cache.py \
 	auth/ldap/syncrepl.py
 


commit df7565ef128cad33b35cc899cafc2d68eb70d1fb
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Thu Aug 22 16:25:49 2013 +0200

    0.6.5

diff --git a/configure.ac b/configure.ac
index 8537159..79800f8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,5 +1,5 @@
-AC_INIT([pykolab], 0.6.4)
-AC_SUBST([RELEASE], 2)
+AC_INIT([pykolab], 0.6.5)
+AC_SUBST([RELEASE], 1)
 
 AC_CONFIG_SRCDIR(pykolab/constants.py.in)
 


commit fb8715aebec46026d7c6da543bc01ba59a8d5be4
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Thu Aug 22 16:24:44 2013 +0200

    Make use of the authentication cache

diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index 341ae32..4f9ad64 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -35,6 +35,7 @@ from pykolab.translate import _
 log = pykolab.getLogger('pykolab.auth')
 conf = pykolab.getConf()
 
+import auth_cache
 import cache
 
 # Catch python-ldap-2.4 changes
@@ -151,13 +152,24 @@ class LDAP(pykolab.base.Base):
         self.connect()
         self._bind()
 
-        config_base_dn = self.config_get('base_dn')
-        ldap_base_dn = self._kolab_domain_root_dn(self.domain)
+        # See if we know a base_dn for the domain
+        base_dn = None
 
-        if not ldap_base_dn == None and not ldap_base_dn == config_base_dn:
-            base_dn = ldap_base_dn
-        else:
-            base_dn = config_base_dn
+        try:
+            base_dn = auth_cache.get_entry(self.domain)
+        except:
+            pass
+
+        if base_dn == None:
+            config_base_dn = self.config_get('base_dn')
+            ldap_base_dn = self._kolab_domain_root_dn(self.domain)
+
+            if not ldap_base_dn == None and not ldap_base_dn == config_base_dn:
+                base_dn = ldap_base_dn
+            else:
+                base_dn = config_base_dn
+
+            auth_cache.set_entry(self.domain, base_dn)
 
         user_filter = self.config_get_raw('user_filter') % ({'base_dn':base_dn})
 
@@ -171,49 +183,69 @@ class LDAP(pykolab.base.Base):
 
         _filter += ')%s)' % (user_filter)
 
-        config_base_dn = self.config_get('base_dn')
-        ldap_base_dn = self._kolab_domain_root_dn(self.domain)
+        entry_dn = None
 
-        if not ldap_base_dn == None and not ldap_base_dn == config_base_dn:
-            base_dn = ldap_base_dn
-        else:
-            base_dn = config_base_dn
+        try:
+            entry_dn = auth_cache.get_entry(_filter)
+        except:
+            pass
 
-        _search = self.ldap.search_ext(
-                base_dn,
-                ldap.SCOPE_SUBTREE,
-                _filter,
-                ['entrydn']
-            )
+        if entry_dn == None:
+            _search = self.ldap.search_ext(
+                    base_dn,
+                    ldap.SCOPE_SUBTREE,
+                    _filter,
+                    ['entrydn']
+                )
 
-        (
-                _result_type,
-                _result_data,
-                _result_msgid,
-                _result_controls
-            ) = self.ldap.result3(_search)
+            (
+                    _result_type,
+                    _result_data,
+                    _result_msgid,
+                    _result_controls
+                ) = self.ldap.result3(_search)
 
-        if len(_result_data) >= 1:
-            (entry_dn, entry_attrs) = _result_data[0]
+            if len(_result_data) >= 1:
+                (entry_dn, entry_attrs) = _result_data[0]
 
-        try:
-            log.debug(_("Binding with user_dn %s and password %s")
-                % (entry_dn, login[1]))
+            try:
+                log.debug(_("Binding with user_dn %s and password %s")
+                    % (entry_dn, login[1]))
+
+                # Needs to be synchronous or succeeds and continues setting retval
+                # to True!!
+                self.ldap.simple_bind_s(entry_dn, login[1])
+                retval = True
+                auth_cache.set_entry(_filter, entry_dn)
+            except:
+                try:
+                    log.debug(
+                            _("Failed to authenticate as user %s") % (login[0]),
+                            level=8
+                        )
+                except:
+                    pass
 
-            # Needs to be synchronous or succeeds and continues setting retval
-            # to True!!
-            self.ldap.simple_bind_s(entry_dn, login[1])
-            retval = True
-        except:
+                retval = False
+        else:
             try:
-                log.debug(
-                        _("Failed to authenticate as user %s") % (login[0]),
-                        level=8
-                    )
+                log.debug(_("Binding with user_dn %s and password %s")
+                    % (entry_dn, login[1]))
+
+                # Needs to be synchronous or succeeds and continues setting retval
+                # to True!!
+                self.ldap.simple_bind_s(entry_dn, login[1])
+                retval = True
             except:
-                pass
+                try:
+                    log.debug(
+                            _("Failed to authenticate as user %s") % (login[0]),
+                            level=8
+                        )
+                except:
+                    pass
 
-            retval = False
+                retval = False
 
         return retval
 


commit 7efeedbf1b5ac25fdc897cf5d931cb043da7c173
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Thu Aug 22 16:24:31 2013 +0200

    Add an authentication cache

diff --git a/pykolab/auth/ldap/auth_cache.py b/pykolab/auth/ldap/auth_cache.py
new file mode 100644
index 0000000..12f362c
--- /dev/null
+++ b/pykolab/auth/ldap/auth_cache.py
@@ -0,0 +1,138 @@
+# Copyright 2010-2013 Kolab Systems AG (http://www.kolabsys.com)
+#
+# Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen a kolabsys.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 3 or, at your option, any later version
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Library General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+
+import datetime
+
+import sqlalchemy
+
+from sqlalchemy import Column
+from sqlalchemy import DateTime
+from sqlalchemy import Integer
+from sqlalchemy import MetaData
+from sqlalchemy import String
+from sqlalchemy import Table
+
+from sqlalchemy import desc
+from sqlalchemy import create_engine
+from sqlalchemy.orm import mapper
+
+try:
+    from sqlalchemy.orm import relationship
+except:
+    from sqlalchemy.orm import relation as relationship
+
+try:
+    from sqlalchemy.orm import sessionmaker
+except:
+    from sqlalchemy.orm import create_session
+
+import pykolab
+
+from pykolab import utils
+from pykolab.constants import KOLAB_LIB_PATH
+from pykolab.translate import _
+
+conf = pykolab.getConf()
+log = pykolab.getLogger('pykolab.auth_cache')
+
+metadata = MetaData()
+
+db = None
+
+##
+## Classes
+##
+
+class Entry(object):
+    def __init__(self, key, value):
+        self.key = key
+        self.value = value
+
+##
+## Tables
+##
+
+entry_table = Table(
+        'entries', metadata,
+        Column('id', Integer, primary_key=True),
+        Column('domain', String(128), index=True, nullable=True),
+        Column('key', String(128), index=True, nullable=False),
+        Column('value', String(128), nullable=False),
+        Column('last_change', DateTime, nullable=False, default=datetime.datetime.now())
+    )
+
+##
+## Table <-> Class Mappers
+##
+
+mapper(Entry, entry_table)
+
+##
+## Functions
+##
+
+def get_entry(key):
+    db = init_db()
+    _entries = db.query(Entry).filter_by(key=key).all()
+
+    if len(_entries) == 0:
+        return None
+    if len(_entries) > 1:
+        return None
+
+    log.debug("Entry found: %r" % (_entries[0].__dict__))
+    log.debug("Returning: %r" % (_entries[0].value))
+
+    return _entries[0].value
+
+def set_entry(key, value):
+    db = init_db()
+    _entries = db.query(Entry).filter_by(key=key).all()
+
+    if len(_entries) == 0:
+        db.add(
+                Entry(
+                        key,
+                        value
+                    )
+            )
+
+        db.commit()
+
+#def purge_entries():
+    #db = init_db()
+    #db.query(Entry).filter(Entry.last_change <= datetime.datetime.now()).delete()
+
+def init_db():
+    """
+        Returns a SQLAlchemy Session() instance.
+    """
+    global db
+
+    if not db == None:
+        return db
+
+    db_uri = 'sqlite:///%s/auth_cache.db' % (KOLAB_LIB_PATH)
+    echo = conf.debuglevel > 8
+    engine = create_engine(db_uri, echo=echo)
+    metadata.create_all(engine)
+
+    Session = sessionmaker(bind=engine)
+    db = Session()
+
+    return db




More information about the commits mailing list