atoti.config.authentication.ldap_config module

class atoti.LdapConfig

The configuration to connect to an LDAP authentication provider.

The user’s roles are defined using LdapSecurity.

Example

>>> auth_config = tt.LdapConfig(
...     url="ldap://example.com:389",
...     base_dn="dc=example,dc=com",
...     user_search_base="ou=people",
...     group_search_base="ou=roles",
... )

base_dn: str

The Base Distinguished Name of the directory service.

group_role_attribute_name: str = 'cn'

The attribute name that maps a group to a role.

group_search_base: str = ''

The search base for group membership searches.

group_search_filter: str = '(uniqueMember={0})'

The LDAP filter to search for groups.

The substituted parameter is the DN of the user.

manager_dn: Optional[str] = None

The Distinguished Name (DN) used to log into the Directory Service and to search for user accounts.

If None, the connection to the service will be done anonymously.

manager_password: Optional[str] = None

The password for the manager account specified in the manager_dn attribute.

url: str

The LDAP URL including the protocol and port.

user_search_base: str = ''

Search base for user searches.

user_search_filter: str = '(uid={0})'

The LDAP filter used to search for users.

The substituted parameter is the user’s login name.