私はflask_ldap3_loginを使用して、Active Directoryからの認証を介してログインしています。参考までにコードを以下に示します。
from flask import Flask, url_for
from flask_ldap3_login import LDAP3LoginManager, AuthenticationResponseStatus
from flask_login import LoginManager, login_user, UserMixin, current_user
from flask import render_template_string, redirect
from flask_ldap3_login.forms import LDAPLoginForm
app = Flask(__name__)
app.config['SECRET_KEY'] = 'secret'
app.config['DEBUG'] = True
# Setup LDAP Configuration Variables. Change these to your own settings.
# All configuration directives can be found in the documentation.
# Hostname of your LDAP Server
app.config['LDAP_HOST'] = 'ldap://x.x.x.x'
# Base DN of your directory
app.config['LDAP_BASE_DN'] = 'OU=City Name,OU=Team Name,OU=Users,OU=Country,OU=Sites,DC=domain,DC=com'
# app.config['LDAP_BASE_DN'] = 'DC=domain,DC=com'
# Users DN to be prepended to the Base DN
# app.config['LDAP_USER_DN'] = 'OU=Users,OU=Country'
# Groups DN to be prepended to the Base DN
# app.config['LDAP_GROUP_DN'] = 'OU=City,OU=Team Name'
# The RDN attribute for your user schema on LDAP
# app.config['LDAP_USER_RDN_ATTR'] = 'cn'
# The Attribute you want users to authenticate to LDAP with.
app.config['LDAP_USER_LOGIN_ATTR'] = 'sAMAccountName'
# The Username to bind to LDAP with
app.config['LDAP_BIND_USER_DN'] = 'CN=Name,OU=city,OU=Team,OU=Users,OU=country,OU=Sites,DC=domain,DC=com'
# The Password to bind to LDAP with
app.config['LDAP_BIND_USER_PASSWORD'] = 'password'
login_manager = LoginManager(app) # Setup a Flask-Login Manager
ldap_manager = LDAP3LoginManager(app) # Setup a LDAP3 Login Manager.
@app.route('/manual_login', methods=['POST'])
def manual_login():
result = app.ldap3_login_manager.authenticate('user`enter code here`', 'password')
print(result.status)
return 'fail' if result.status == AuthenticationResponseStatus.fail else 'success'
if __name__ == "__main__":
app.run(debug=True, host="0.0.0.0")
次に、問題は、上記のように完全なapp.config['LDAP_BASE_DN']を使用している場合は正常に機能しますが、DC=domain,DC=comのみを Base_DN として使用して組織全体のユーザーを認証する場合です。成功ではなく失敗を返す