etianen
commented
6 years ago If you are using an LDAPS server URL, or setting LDAP_AUTH_USE_TLS = True, the network password should be sent encrypted over the network.
Theoretically, both solutions should give you the same security. django-python3-ldap will give you better integration with the rest of your Django application. RemoteUserBackend with IIS has probably received more testing and auditing than django-python3-ldap.
On 2 February 2018 at 17:05, Cameron Taylor notifications@github.com wrote:
I have implemented this solution and integrated AD with my Django project. The project will be hosted on IIS as an intranet site that is served solely over http. I am attempting to decide between using this solution or Django's RemoteUserBackend. Using RemoteUserBackend with IIS and enabling Windows Authentication prevents clear text passwords from being sent across the network. Is the same thing happening when I set LDAP_AUTH_USE_TLS = True and my LDAP_AUTH_URL is pointing to an LDAPS domain controller?
Is it more secure (all relative, I know) to use this solution or the IIS RemoteUserBackend solution?
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/etianen/django-python3-ldap/issues/116, or mute the thread https://github.com/notifications/unsubscribe-auth/AAJFCO0jWSJbjba5YDdXUImw6EWCwODMks5tQ0BrgaJpZM4R3fUN .
ghost
I have implemented this solution and integrated AD with my Django project. The project will be hosted on IIS as an intranet site that is served solely over http. I am attempting to decide between using this solution or Django's RemoteUserBackend. Using RemoteUserBackend with IIS and enabling Windows Authentication prevents clear text passwords from being sent across the network. Is the same thing happening when I set
LDAP_AUTH_USE_TLS = Trueand myLDAP_AUTH_URLis pointing to anLDAPSdomain controller?Is it more secure (all relative, I know) to use this solution or the IIS RemoteUserBackend solution?