My favorites | Sign in
Project Home Wiki Issues Source
READ-ONLY: This project has been archived. For more information see this post.
Project Information
Members

PROJECT INFO

TGIDProviders is a collection of Identity providers that help you get up and running quickly when you want to validate passwords against an LDAP directory, a UNIX password file, or a SMB provider under Windows. It takes advantage of TurboGears' entry points (provided by SetupTools) to extend the capabilities of the default identity providers to support other authentication methods.

The default LDAP filter is configured for Active Directory for now, though this might change in the future.

OpenID is not yet supported, but patches are welcome! See the TODO file for other enhancement ideas.

DISCLAIMER

This application has not been audited by a security expert. Use at your own risk.

BACKGROUND

This project was originally derived from the attachments of the Turbogears IdentityManagement documentation. The attachments were: soldapprovider.py, sopwdprovider.py, and sosmbprovider.py. See the CREDITS file to join me in thanking their authors.

The project shell was created using "tg-admin quickstart -t tgwidget"[1]. The tgswidget template includes more files than I need at this point (like everything in the static directory), but I'm going to keep the fluff around for a bit in case the openid provider needs to have it.

HINTS

For unix_passwd authentication, you will probably encounter problems due to password shadowing. Password shadowing prevents anyone besides the administrator (root) from retrieving even the encrypted passwords on a system. A simple workaround is to add yourself to the "shadow" group (sudo adduser --group shadow ; sudo adduser MYUSERID shadow), and then allow the "shadow" group to read the /etc/shadow file (sudo chgrp shadow /etc/shadow ; chmod g+r /etc/shadow). You'll probably have to sign out in order for the group privleges to take effect.

FOOTNOTES

  1. Unfortunately, tgwidget isn't very well documented, but it ships with TG. Should you ever want to list installed quickstart templates, you can do so with "paster create -list-templates". I tracked down both tidbits from here, so thanks to whomever "The Author" is for pointing me in the right direction!
Powered by Google Project Hosting