guilbaults
commented
4 months ago Hi,
With a LDAP backend, you can use django-auth-ldap to handle user authentication within Django (without redirect to a SSO IDP).
I don't have a specific example from a TrailblazingTurtle instance directly to a LDAP backend, but here is an example using PAM that you can modify to bind to LDAP directly:
In the following snippet, use this LDAP AUTHENTICATION_BACKENDS instead of PAMBackend
AUTHENTICATION_BACKENDS = ["django_auth_ldap.backend.LDAPBackend"]The LOGIN_URL will redirect your users to a form within django to enter their username/password instead of being redirected to a IDP
https://github.com/ComputeCanada/puppet-trailblazing_turtle/blob/main/templates/99-local.py.epp#L76-L81
Instead of installing django-ldap, install django-auth-ldap
https://github.com/ComputeCanada/puppet-trailblazing_turtle/blob/main/manifests/install.pp#L63-L72
Enter the LDAP information in the database definition https://github.com/ComputeCanada/puppet-trailblazing_turtle/blob/main/templates/99-local.py.epp#L50-L55
Follow this short tutorial to add the few configuration required such as AUTH_LDAP_SERVER_URI for django-auth-ldap: https://medium.com/@satyayellacharigoli/step-by-step-guide-to-integrate-active-directory-with-django-f556390c8581
By mixing those two, you should be able to do the authentication to LDAP within Django. Other generic tutorials about Django and LDAP should also works.
We are looking to integrate LDAP for authentication and user management instead of the currently supported Identity Provider (IDP). Could you please provide guidance or documentation on how to achieve this?
Context: We are using LDAP in our environment and this will better align with our existing infrastructure and will be quicker to get over the userportal authentication.
Current Challenge: The current setup uses http://xxxx/secure URLs that redirect to an IDP for authentication. We need guidance on how to handle these redirects when using LDAP for authentication.
Share details on Instructions for configuring the application to connect to an LDAP server
Additional Information: If there are any existing resources, guides, or examples that could assist in this process, please point us in the right direction. Thank you for your support!