53565dfd97
pyldap's start_tls_s function calls ldap_start_tls_s[1] which, if called twice, returns LDAP_LOCAL_ERROR, which causes LDAP queries to fail with the traceback:

    Traceback (most recent call last):
      File "/usr/lib/python2.7/site-packages/ldappool/__init__.py", line 258, in _create_connector
        self._bind(conn, bind, passwd)
      File "/usr/lib/python2.7/site-packages/ldappool/__init__.py", line 227, in _bind
        conn.start_tls_s()
      File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 1095, in start_tls_s
        res = self._apply_method_s(SimpleLDAPObject.start_tls_s,*args,**kwargs)
      File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 1071, in _apply_method_s
        return func(self,*args,**kwargs)
      File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 780, in start_tls_s
        return self._ldap_call(self._l.start_tls_s)
      File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 263, in _ldap_call
        result = func(*args,**kwargs)
    LOCAL_ERROR: {'desc': u'Local error'}

This means that currently keystone's [ldap]/use_pool and [ldap]/use_tls options are incompatible. This patch fixes the problem by removing the unnecessary call.

[1] https://linux.die.net/man/3/ldap_start_tls_s

Change-Id: I6baff12bcbd3b110e62f4bcdfb97c561d7ee5fe9
README.rst
ldappool
A simple connector pool for pyldap.
The pool keeps LDAP connectors alive and lets you reuse them, drastically reducing the time spent initiating an LDAP connection.
The pool has useful features like:
- transparent reconnection on failures or server restarts
- configurable pool size and connector timeouts
- configurable max lifetime for connectors
- a context manager to simplify acquiring and releasing a connector
You need pyldap in order to use this library.
Quickstart
To work with the pool, you just need to create it, then use it as a context manager with the connection method:
    from ldappool import ConnectionManager

    # Create the pool once and reuse it for every request.
    cm = ConnectionManager('ldap://localhost')

    with cm.connection('uid=adminuser,ou=logins,dc=mozilla', 'password') as conn:
        # .. do something with conn ..
        pass
The connector returned by connection is an LDAPObject that is bound to the server. See https://github.com/pyldap/pyldap/ for details on how to use a connector.
ConnectionManager options
Here are the options you can use when instantiating the pool:
- uri: ldap server uri [mandatory]
- bind: default bind that will be used to bind a connector. default: None
- passwd: default password that will be used to bind a connector. default: None
- size: pool size. default: 10
- retry_max: number of attempts when a server is down. default: 3
- retry_delay: delay in seconds before a retry. default: .1
- use_tls: activate TLS when connecting. default: False
- timeout: connector timeout. default: -1
- use_pool: activates the pool. If False, will recreate a connector each time. default: True
The connection method takes two options:
- bind: bind used to connect. If None, uses the pool's default. default: None
- passwd: password used to connect. If None, uses the pool's default. default: None
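The commit message at the top of this page describes use_tls failing because StartTLS is issued twice on one connection. The following is an added example, not ldappool or pyldap code: FakeLDAPConn, LocalError and both connector functions are hypothetical stand-ins, and the location of the first StartTLS call in the failing variant is an assumption.

```python
class LocalError(Exception):
    """Stand-in for pyldap's LOCAL_ERROR exception (hypothetical name)."""


class FakeLDAPConn:
    """Models the behaviour the commit message describes: a second
    StartTLS on the same connection fails with a local error."""

    def __init__(self):
        self.tls_started = False
        self.bound_over_tls = None  # None until a bind has happened

    def start_tls_s(self):
        if self.tls_started:
            raise LocalError({'desc': 'Local error'})
        self.tls_started = True

    def simple_bind_s(self, who, cred):
        # Record whether the credentials travelled over TLS.
        self.bound_over_tls = self.tls_started


def bind(conn, who, cred, use_tls):
    """Bind step that starts TLS itself, as _bind does in the traceback."""
    if use_tls:
        conn.start_tls_s()
    conn.simple_bind_s(who, cred)


def create_connector_failing(who, cred, use_tls=True):
    conn = FakeLDAPConn()
    if use_tls:
        conn.start_tls_s()          # assumed location of the extra call
    bind(conn, who, cred, use_tls)  # StartTLS again: raises LocalError
    return conn


def create_connector_fixed(who, cred, use_tls=True):
    conn = FakeLDAPConn()
    bind(conn, who, cred, use_tls)  # StartTLS exactly once, before the bind
    # Fail closed: never hand out a connector that bound in cleartext
    # when TLS was requested.
    if use_tls and not conn.bound_over_tls:
        raise RuntimeError('bind was sent without TLS')
    return conn
```

Dropping the duplicate call must leave exactly one StartTLS ahead of the bind; removing both would send the bind password in cleartext, which the final check in create_connector_fixed guards against.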
History
Prior to v2.0.0 ldappool required python-ldap. As of v2.0.0 this library now requires pyldap, a Python 3 compatible fork of python-ldap.