Merge pull request #1740 from BastelBaus/master

added configuration to enable radicale LDAP with Authentik
Peter Bieringer 2025-03-25 07:08:15 +01:00 committed by GitHub
commit d25786c190
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 23 additions and 0 deletions


@ -1060,6 +1060,16 @@ The path to the CA file in pem format which is used to certificate the server ce
Default: Default:
##### ldap_ignore_attribute_create_modify_timestamp
_(>= 3.5.1)_
Add modifyTimestamp and createTimestamp to the exclusion list of internal ldap3 client
so that these schema attributes are not checked. This is needed for Authentik since
Authentik does not provide these both attributes.
Default: false
##### dovecot_connection_type = AF_UNIX ##### dovecot_connection_type = AF_UNIX
_(>= 3.4.1)_ _(>= 3.4.1)_

3
config

@ -74,6 +74,9 @@
## Expiration time of caching failed logins in seconds ## Expiration time of caching failed logins in seconds
#cache_failed_logins_expiry = 90 #cache_failed_logins_expiry = 90
# Ignore modifyTimestamp and createTimestamp attributes. Needed if Authentik LDAP server is used. Uncomment then.
#ldap_ignore_attribute_create_modify_timestamp = true
# URI to the LDAP server # URI to the LDAP server
#ldap_uri = ldap://localhost #ldap_uri = ldap://localhost


@ -63,6 +63,12 @@ class Auth(auth.BaseAuth):
self.ldap = ldap self.ldap = ldap
except ImportError as e: except ImportError as e:
raise RuntimeError("LDAP authentication requires the ldap3 module") from e raise RuntimeError("LDAP authentication requires the ldap3 module") from e
self._ldap_ignore_attribute_create_modify_timestamp = configuration.get("auth", "ldap_ignore_attribute_create_modify_timestamp")
if self._ldap_ignore_attribute_create_modify_timestamp:
self.ldap3.utils.config._ATTRIBUTES_EXCLUDED_FROM_CHECK.extend(['createTimestamp', 'modifyTimestamp'])
logger.info("auth.ldap_ignore_attribute_create_modify_timestamp applied")
self._ldap_uri = configuration.get("auth", "ldap_uri") self._ldap_uri = configuration.get("auth", "ldap_uri")
self._ldap_base = configuration.get("auth", "ldap_base") self._ldap_base = configuration.get("auth", "ldap_base")
self._ldap_reader_dn = configuration.get("auth", "ldap_reader_dn") self._ldap_reader_dn = configuration.get("auth", "ldap_reader_dn")
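Review bot: The added line `self.ldap3.utils.config._ATTRIBUTES_EXCLUDED_FROM_CHECK.extend(...)` dereferences `self.ldap3` unconditionally, but the context line `self.ldap = ldap` just above suggests an import fallback in which only `self.ldap` is set. If that is the case, enabling the option on the fallback path would fail with an AttributeError while the auth backend starts; the import branches begin outside the hunk, so this needs confirming. The line also appends to a private, process-wide ldap3 list, so every further Auth instance adds duplicate entries, and the relaxed schema check applies to all ldap3 connections in the process rather than only Radicale's. I would use ldap3's public `get_config_parameter` / `set_config_parameter`, add the two names only when absent, and raise a clear error when ldap3 is not the loaded module.

```python
self._ldap_ignore_attribute_create_modify_timestamp = configuration.get("auth", "ldap_ignore_attribute_create_modify_timestamp")
if self._ldap_ignore_attribute_create_modify_timestamp:
    if not hasattr(self, "ldap3"):
        raise RuntimeError("auth.ldap_ignore_attribute_create_modify_timestamp requires the ldap3 module")
    # Copy first so the shared ldap3 list is replaced once, not grown on every instantiation.
    excluded = list(self.ldap3.get_config_parameter("ATTRIBUTES_EXCLUDED_FROM_CHECK"))
    for name in ("createTimestamp", "modifyTimestamp"):
        if name not in excluded:
            excluded.append(name)
    self.ldap3.set_config_parameter("ATTRIBUTES_EXCLUDED_FROM_CHECK", excluded)
    logger.info("auth.ldap_ignore_attribute_create_modify_timestamp applied")
# … unchanged: ldap_uri / ldap_base / ldap_reader_dn reads …
```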


@ -259,6 +259,10 @@ DEFAULT_CONFIG_SCHEMA: types.CONFIG_SCHEMA = OrderedDict([
"value": "1", "value": "1",
"help": "incorrect authentication delay", "help": "incorrect authentication delay",
"type": positive_float}), "type": positive_float}),
("ldap_ignore_attribute_create_modify_timestamp", {
"value": "false",
"help": "Ignore modifyTimestamp and createTimestamp attributes. Need if Authentik LDAP server is used.",
"type": bool}),
("ldap_uri", { ("ldap_uri", {
"value": "ldap://localhost", "value": "ldap://localhost",
"help": "URI to the ldap server", "help": "URI to the ldap server",