Documentation Index
Fetch the complete documentation index at: https://docs.activeviam.com/llms.txt
Use this file to discover all available pages before exploring further.
final class atoti.LdapConfig
The config to delegate authentication to an LDAP provider. The user’s roles can be defined usingatoti.security.Security.ldap and individual_roles.
Example
base_dn : str
The base Distinguished Name of the directory service.group_role_attribute_name : str = ‘cn’
The attribute name that maps a group to a role.group_search_base : str | None = None
The search base for group membership searches.group_search_filter : str = ‘(uniqueMember={0})’
The filter to search for groups. The substituted parameter is the DN of the user.manager_dn : str | None = None
The Distinguished Name (DN) used to log into the Directory Service and to search for user accounts. IfNone, the connection to the service will be done anonymously.
manager_password : str | None = None
The password for the manager account specified in the manager_dn attribute.url : str
The LDAP URL including the protocol and port.user_search_base : str = ”
Search base for user searches.user_search_filter : str = ‘(uid={0})’
The filter to search for users. The substituted parameter is the user’s login name.username_case_conversion : ‘upper’ | ‘lower’ | None = None
The case conversion to apply to the username. This authentication provider is generally case insensitive: the same user Jane could log in with the usernames"jane", "Jane", "JANE", etc.
This attribute allows reducing all the possible cases to a single one to be compatible with individual_roles and other case sensitive mappings.
For instance, if session.security.individual_roles == {"jane": {"ROLE_USER"}}, username_case_conversion should be set to "lower".
Leaving this attribute to None is deprecated since it is a source of confusion or bugs.