KvasirSecurity / Kvasir

Kvasir: Penetration Test Data Management

Support LDAP Access Control #156

Open tbroset opened 9 years ago

tbroset commented 9 years ago

Feature request for LDAP Access Control support

I would like to be able to simplify user account management by tying it to an already available system. The basics are available here; it just needs a few modifications in appadmin, I believe. http://web2py.com/books/default/chapter/29/09/access-control#Other-login-methods-and-login-forms

grutz commented 9 years ago

I have had a number of thoughts on this, whether or not Kvasir should build out some configuration for it in its YAML file to be processed in 00_settings.py. https://github.com/KvasirSecurity/Kvasir/blob/master/models/00_settings.py#L64 has some structure around it but it's never been tested/used so it's likely just dead code.

Ultimately the EASIEST thing to do immediately is to have those that want third-party authentication include their own configuration in the models/ directory until a final decision is made. For now just make a modules/99local.py file with local settings. Using the 99 prefix means you should be able to overwrite anything set up by Kvasir:

from gluon.contrib.login_methods.ldap_auth import ldap_auth
auth.settings.login_methods.append(ldap_auth(mode='ad',
   server='my.domain.controller',
   base_dn='ou=Users,dc=domain,dc=com'))

I've added the file to .gitignore so it won't be absentmindedly added to any PRs. See commit https://github.com/KvasirSecurity/Kvasir/commit/72ea3941f01f3d74ab65504546210cd908fca47a
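
Added example, not part of the thread or of Kvasir's code: a local settings sketch that checks LDAP settings before handing them to web2py's ldap_auth, requiring secure=True (LDAPS rather than a cleartext bind) and a non-empty allowed_groups list so that a valid directory password alone is not enough to log in. The LDAP_CFG keys, the group name kvasir-users and the helper names build_ldap_kwargs and enable_ldap are assumptions made for illustration.

```python
# Added example: local LDAP settings that are validated before use.
# LDAP_CFG keys and values are constructed placeholders, not Kvasir settings.

LDAP_CFG = {
    "server": "my.domain.controller",
    "base_dn": "ou=Users,dc=domain,dc=com",
    "mode": "ad",
    "secure": True,                       # LDAPS instead of a cleartext bind
    "allowed_groups": ["kvasir-users"],   # hypothetical group name
}

REQUIRED = ("server", "base_dn", "mode")


def build_ldap_kwargs(cfg):
    """Validate cfg and return keyword arguments for web2py's ldap_auth()."""
    missing = [k for k in REQUIRED if not cfg.get(k)]
    if missing:
        raise ValueError("missing LDAP settings: " + ", ".join(missing))
    if not cfg.get("secure"):
        # Without secure=True the user's password crosses the network in clear.
        raise ValueError("refusing LDAP without secure=True")
    groups = cfg.get("allowed_groups") or []
    if isinstance(groups, str) or not groups:
        # With no group list, ldap_auth performs no group membership check.
        raise ValueError("allowed_groups must be a non-empty list")
    return {
        "server": cfg["server"],
        "base_dn": cfg["base_dn"],
        "mode": cfg["mode"],
        "secure": True,
        "allowed_groups": list(groups),
    }


def enable_ldap(auth, cfg):
    """Append the LDAP login method to a web2py Auth object."""
    # Imported lazily so the validation above can be exercised outside web2py.
    from gluon.contrib.login_methods.ldap_auth import ldap_auth
    auth.settings.login_methods.append(ldap_auth(**build_ldap_kwargs(cfg)))


# Inside a web2py model file, where `auth` already exists, finish with:
# enable_ldap(auth, LDAP_CFG)
```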