4 commits - configure.ac pykolab/auth pykolab/Makefile.am
Jeroen van Meeuwen
vanmeeuwen at kolabsys.com
Thu Aug 22 18:54:50 CEST 2013
configure.ac | 4 -
pykolab/Makefile.am | 1
pykolab/auth/ldap/__init__.py | 112 ++++++++++++++++++++------------
pykolab/auth/ldap/auth_cache.py | 138 ++++++++++++++++++++++++++++++++++++++++
4 files changed, 213 insertions(+), 42 deletions(-)
New commits:
commit e92e65bb9db33e4952238e37a704a17242c11c2a
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Thu Aug 22 16:26:51 2013 +0200
Don't forget to include the new file, ey?
diff --git a/pykolab/Makefile.am b/pykolab/Makefile.am
index f62bb93..a23aa6e 100644
--- a/pykolab/Makefile.am
+++ b/pykolab/Makefile.am
@@ -8,6 +8,7 @@ pykolab_auth_PYTHON = \
pykolab_auth_ldapdir = $(pythondir)/$(PACKAGE)/auth/ldap
pykolab_auth_ldap_PYTHON = \
auth/ldap/__init__.py \
+ auth/ldap/auth_cache.py \
auth/ldap/cache.py \
auth/ldap/syncrepl.py
commit df7565ef128cad33b35cc899cafc2d68eb70d1fb
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Thu Aug 22 16:25:49 2013 +0200
0.6.5
diff --git a/configure.ac b/configure.ac
index 8537159..79800f8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,5 +1,5 @@
-AC_INIT([pykolab], 0.6.4)
-AC_SUBST([RELEASE], 2)
+AC_INIT([pykolab], 0.6.5)
+AC_SUBST([RELEASE], 1)
AC_CONFIG_SRCDIR(pykolab/constants.py.in)
commit fb8715aebec46026d7c6da543bc01ba59a8d5be4
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Thu Aug 22 16:24:44 2013 +0200
Make use of the authentication cache
diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index 341ae32..4f9ad64 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -35,6 +35,7 @@ from pykolab.translate import _
log = pykolab.getLogger('pykolab.auth')
conf = pykolab.getConf()
+import auth_cache
import cache
# Catch python-ldap-2.4 changes
@@ -151,13 +152,24 @@ class LDAP(pykolab.base.Base):
self.connect()
self._bind()
- config_base_dn = self.config_get('base_dn')
- ldap_base_dn = self._kolab_domain_root_dn(self.domain)
+ # See if we know a base_dn for the domain
+ base_dn = None
- if not ldap_base_dn == None and not ldap_base_dn == config_base_dn:
- base_dn = ldap_base_dn
- else:
- base_dn = config_base_dn
+ try:
+ base_dn = auth_cache.get_entry(self.domain)
+ except:
+ pass
+
+ if base_dn == None:
+ config_base_dn = self.config_get('base_dn')
+ ldap_base_dn = self._kolab_domain_root_dn(self.domain)
+
+ if not ldap_base_dn == None and not ldap_base_dn == config_base_dn:
+ base_dn = ldap_base_dn
+ else:
+ base_dn = config_base_dn
+
+ auth_cache.set_entry(self.domain, base_dn)
user_filter = self.config_get_raw('user_filter') % ({'base_dn':base_dn})
@@ -171,49 +183,69 @@ class LDAP(pykolab.base.Base):
_filter += ')%s)' % (user_filter)
- config_base_dn = self.config_get('base_dn')
- ldap_base_dn = self._kolab_domain_root_dn(self.domain)
+ entry_dn = None
- if not ldap_base_dn == None and not ldap_base_dn == config_base_dn:
- base_dn = ldap_base_dn
- else:
- base_dn = config_base_dn
+ try:
+ entry_dn = auth_cache.get_entry(_filter)
+ except:
+ pass
- _search = self.ldap.search_ext(
- base_dn,
- ldap.SCOPE_SUBTREE,
- _filter,
- ['entrydn']
- )
+ if entry_dn == None:
+ _search = self.ldap.search_ext(
+ base_dn,
+ ldap.SCOPE_SUBTREE,
+ _filter,
+ ['entrydn']
+ )
- (
- _result_type,
- _result_data,
- _result_msgid,
- _result_controls
- ) = self.ldap.result3(_search)
+ (
+ _result_type,
+ _result_data,
+ _result_msgid,
+ _result_controls
+ ) = self.ldap.result3(_search)
- if len(_result_data) >= 1:
- (entry_dn, entry_attrs) = _result_data[0]
+ if len(_result_data) >= 1:
+ (entry_dn, entry_attrs) = _result_data[0]
- try:
- log.debug(_("Binding with user_dn %s and password %s")
- % (entry_dn, login[1]))
+ try:
+ log.debug(_("Binding with user_dn %s and password %s")
+ % (entry_dn, login[1]))
+
+ # Needs to be synchronous or succeeds and continues setting retval
+ # to True!!
+ self.ldap.simple_bind_s(entry_dn, login[1])
+ retval = True
+ auth_cache.set_entry(_filter, entry_dn)
+ except:
+ try:
+ log.debug(
+ _("Failed to authenticate as user %s") % (login[0]),
+ level=8
+ )
+ except:
+ pass
- # Needs to be synchronous or succeeds and continues setting retval
- # to True!!
- self.ldap.simple_bind_s(entry_dn, login[1])
- retval = True
- except:
+ retval = False
+ else:
try:
- log.debug(
- _("Failed to authenticate as user %s") % (login[0]),
- level=8
- )
+ log.debug(_("Binding with user_dn %s and password %s")
+ % (entry_dn, login[1]))
+
+ # Needs to be synchronous or succeeds and continues setting retval
+ # to True!!
+ self.ldap.simple_bind_s(entry_dn, login[1])
+ retval = True
except:
- pass
+ try:
+ log.debug(
+ _("Failed to authenticate as user %s") % (login[0]),
+ level=8
+ )
+ except:
+ pass
- retval = False
+ retval = False
return retval
commit 7efeedbf1b5ac25fdc897cf5d931cb043da7c173
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Thu Aug 22 16:24:31 2013 +0200
Add an authentication cache
diff --git a/pykolab/auth/ldap/auth_cache.py b/pykolab/auth/ldap/auth_cache.py
new file mode 100644
index 0000000..12f362c
--- /dev/null
+++ b/pykolab/auth/ldap/auth_cache.py
@@ -0,0 +1,138 @@
+# Copyright 2010-2013 Kolab Systems AG (http://www.kolabsys.com)
+#
+# Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen a kolabsys.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 3 or, at your option, any later version
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Library General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+
+import datetime
+
+import sqlalchemy
+
+from sqlalchemy import Column
+from sqlalchemy import DateTime
+from sqlalchemy import Integer
+from sqlalchemy import MetaData
+from sqlalchemy import String
+from sqlalchemy import Table
+
+from sqlalchemy import desc
+from sqlalchemy import create_engine
+from sqlalchemy.orm import mapper
+
+try:
+ from sqlalchemy.orm import relationship
+except:
+ from sqlalchemy.orm import relation as relationship
+
+try:
+ from sqlalchemy.orm import sessionmaker
+except:
+ from sqlalchemy.orm import create_session
+
+import pykolab
+
+from pykolab import utils
+from pykolab.constants import KOLAB_LIB_PATH
+from pykolab.translate import _
+
+conf = pykolab.getConf()
+log = pykolab.getLogger('pykolab.auth_cache')
+
+metadata = MetaData()
+
+db = None
+
+##
+## Classes
+##
+
+class Entry(object):
+ def __init__(self, key, value):
+ self.key = key
+ self.value = value
+
+##
+## Tables
+##
+
+entry_table = Table(
+ 'entries', metadata,
+ Column('id', Integer, primary_key=True),
+ Column('domain', String(128), index=True, nullable=True),
+ Column('key', String(128), index=True, nullable=False),
+ Column('value', String(128), nullable=False),
+ Column('last_change', DateTime, nullable=False, default=datetime.datetime.now())
+ )
+
+##
+## Table <-> Class Mappers
+##
+
+mapper(Entry, entry_table)
+
+##
+## Functions
+##
+
+def get_entry(key):
+ db = init_db()
+ _entries = db.query(Entry).filter_by(key=key).all()
+
+ if len(_entries) == 0:
+ return None
+ if len(_entries) > 1:
+ return None
+
+ log.debug("Entry found: %r" % (_entries[0].__dict__))
+ log.debug("Returning: %r" % (_entries[0].value))
+
+ return _entries[0].value
+
+def set_entry(key, value):
+ db = init_db()
+ _entries = db.query(Entry).filter_by(key=key).all()
+
+ if len(_entries) == 0:
+ db.add(
+ Entry(
+ key,
+ value
+ )
+ )
+
+ db.commit()
+
+#def purge_entries():
+ #db = init_db()
+ #db.query(Entry).filter(Entry.last_change <= datetime.datetime.now()).delete()
+
+def init_db():
+ """
+ Returns a SQLAlchemy Session() instance.
+ """
+ global db
+
+ if not db == None:
+ return db
+
+ db_uri = 'sqlite:///%s/auth_cache.db' % (KOLAB_LIB_PATH)
+ echo = conf.debuglevel > 8
+ engine = create_engine(db_uri, echo=echo)
+ metadata.create_all(engine)
+
+ Session = sessionmaker(bind=engine)
+ db = Session()
+
+ return db
More information about the commits
mailing list