Re: pgAdmin4 web ldap authtification

From: Stefan Harbich <stefan(dot)harbich(at)harnet(dot)de>
To: Khushboo Vashi <khushboo(dot)vashi(at)enterprisedb(dot)com>
Cc: pgadmin-support(at)lists(dot)postgresql(dot)org
Subject: Re: pgAdmin4 web ldap authtification
Date: 2023-11-07 08:16:32
Message-ID: c04c895898deb36e11a7434e8459f39b7b4a7ce9.camel@harnet.de
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgadmin-support


Hello,

for your information an entry from the LDAP and the config_local.py
LDAP configuration for pgAdmin.

ldapsearch -x -H ldaps://ldap.intern.example.de uid=stefan.example
...
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=de> (default) with scope subtree
# filter: uid=stefan.example
# requesting: ALL
#

# stefan.example, users, example.de
dn: uid=stefan.example,ou=users,dc=example,dc=de
cn: Stefan example
objectClass: evolutionPerson
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: mailExtension
objectClass: posixAccount
objectClass: dcMailUser
uidNumber: 10000
uid: stefan.example
title: admin
postalAddress: ################################, NRW$53113$Deutschland
homePostalAddress:
############################################$Deutschland
loginShell: /bin/bash
fileAs: Stefan example
gidNumber: 10000
givenName: Stefan
sn: example
homeDirectory: /home/stefan.example
dcMailMessageStore: /vmail/mailboxes/example.de/stefan.example/mail
mailEnabled: TRUE
initials: STH
displayName: STH
businessRole: #######
mail: stefan(dot)example(at)example(dot)de
birthDate: 1968-01-29
homeFacsimileTelephoneNumber: 0049##########
mailQuota: 700M
homePhone: ###########
mobile: ###########
note::
WnVnw6RuZ2UgdW5kIFBhc3N3w7ZydGVyOkxBTSwgYWRtaW4sIE1hcmxpZXMoNjc4OSk7IFV
TViwgTWFybGllczEyOyBtcGhwbWUwMSwgcm9vdCwgTWFybGllcygxMik7dm1haWxwYW5lbC
wgYWRt
aW4sIE1hcmxpZXMoNjc4OSk7IFN1cGVybWljcm8sIEFETUlOLCBNYXJsaWVzKDEyKTsgRWx
zdGVyI
FBJTjogMTk2ODAxMjk7IERITCwgc3RlZmFuLmhhcmJpY2hAaGFybmV0LmRlLCBNYXJsaWVz
KDEyKT
sgUG9zdGdyZVNRTCwgc3RlZmFuLmhhcmJpY2gsIFN0ZWZhbkhhcmJpY2gxMjsgSGVydHosI
DQzMzc
0Nzk1LCBIZXJ0eiMxQ2x1YkdvbGQ7IE9wZW5IQUIgRm9ydW0sIHN0aGFyYmljaCwgRGVja2
VyKDEy
KTsgYW5ydWZiZWFudHdvcnRlciwgNTYoNzgpYW5ydWZiZWFudHdvcnRlcjEyKDM0KSwgU2V
sZmhvc
3QsIHNoYXJiaWNoLnJ1YmlkaXVtLnNlbGZob3N0LmRlLCBBeCg3MylEZWNrZXIzNihGUSks
IFNlbG
Zob3N0LVp1Z2FuZywgNzI3MjIsIERlY2tlcigxMjM0KSwgSU5HIERpQmEsIFBJTiAyOTE2O
DsgUFN
ELUJhbmsgT25saW5lIFBJTjogU3RyYWZhbnplaWdlIHZvbSAxMy4wMy4yMDIzIEFrdGVuem
VpY2hl
bjogMjMwMzEzLTE1MDYtSVA2MzQ2LSBBbnNwcmVjaHBhcnRuZXI6IEhlcnIgRWdlbmJlcmd
lciArN
###################
telephoneNumber: ############

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
...
config_local.py
...
/pgadmin4 # cat config_local.py
AUTHENTICATION_SOURCES = 'ldap'
LDAP_AUTO_CREATE_USER = True
LDAP_SERVER_URI = 'ldap://192.168.20.20:9009'
LDAP_USERNAME_ATTRIBUTE = 'uid'
LDAP_BIND_USER = 'cn=admin,dc=example,dc=de'
LDAP_BIND_PASSWORD = '#############'
LDAP_BASE_DN = 'ou=users,dc=example,dc=de'
LDAP_SEARCH_BASE_DN = 'ou=users,dc=example,dc=de'
LDAP_SEARCH_FILTER = '(objectclass=*)'
LDAP_USE_STARTTLS = False
...

Greetings from Stefan

Am Dienstag, dem 07.11.2023 um 10:05 +0530 schrieb Khushboo Vashi:
>
>
> On Tue, Nov 7, 2023 at 1:58 AM Stefan Harbich
> <stefan(dot)harbich(at)harnet(dot)de> wrote:
> > Hello,
> >
> > i created the file config_local.py in the config.py directory. Now
> > I get the following error message.
> > ...
> > 2023-11-06 20:22:52,271: ERROR pgadmin:
> > pgadmin.authenticate.AuthSourceRegistry 'l' has not been
> > implemented.
> > Traceback (most recent call last):
> > File "/venv/lib/python3.11/site-packages/flask/app.py", line 1823,
> > in full_dispatch_request
> > rv = self.dispatch_request()
> > ^^^^^^^^^^^^^^^^^^^^^^^
> > File "/venv/lib/python3.11/site-packages/flask/app.py", line 1799,
> > in dispatch_request
> > return
> > self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > File "/pgadmin4/pgadmin/authenticate/__init__.py", line 102, in
> > login
> > return _login()
> > ^^^^^^^^
> > File "/pgadmin4/pgadmin/authenticate/__init__.py", line 141, in
> > _login
> > if not auth_obj.validate():
> > ^^^^^^^^^^^^^^^^^^^
> > File "/pgadmin4/pgadmin/authenticate/__init__.py", line 267, in
> > validate
> > source = get_auth_sources(src)
> > ^^^^^^^^^^^^^^^^^^^^^
> > File "/pgadmin4/pgadmin/authenticate/__init__.py", line 328, in
> > get_auth_sources
> > auth_source = AuthSourceRegistry.get(type)
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > File "/pgadmin4/pgadmin/utils/dynamic_registry/__init__.py", line
> > 48, in __get
> > raise NotImplementedError(
> > NotImplementedError: pgadmin.authenticate.AuthSourceRegistry 'l'
> > has not been implemented.
> > ...
> > What else can I do?
> >
> >
>
> Please send your config_local.py settings, so I can have a look. 
> >
> > Greetings from Stefan
> >
> > Am Montag, dem 06.11.2023 um 10:30 +0530 schrieb Khushboo Vashi:
> > >
> > >
> > > On Sat, Nov 4, 2023 at 2:06 AM Stefan Harbich
> > > <stefan(dot)harbich(at)harnet(dot)de> wrote:
> > > > Hello, my dears,
> > > >
> > > > i can't get the LDAP login user to pgAdmin on the website. In
> > > > Docker
> > > > Bash, I created the file config_local.py with the following
> > > > content in
> > > > the “/var/lib/pgadmin” directory.
> > > > ...
> > > > AUTHENTICATION_SOURCES = ['ldap','internal']
> > > > LDAP_SERVER_URI = 'ldap://<my-ip-address>:10389'
> > > > LDAP_USERNAME_ATTRIBUTE = 'uid'
> > > > LDAP_BASE_DN = 'uid=admin,ou=system'
> > > > LDAP_SEARCH_BASE_DN = 'uid=admin,ou=system'
> > > > ...
> > > >
> > > > Unfortunately, the content is not used after the container is
> > > > restarted. Why not?
> > > >
> > >
> > > config_local.py should be created in the same directory as
> > > config.py.
> > > Please
> > > refer: https://www.pgadmin.org/docs/pgadmin4/7.8/config_py.html 
> > > >
> > > > Greetings from Stefan Harbich
> > > >
> > > >
> >
> >

In response to

Responses

Browse pgadmin-support by date

  From Date Subject
Next Message Saravanan K 2023-11-07 13:45:10 IMP: using PG-Admin with screen readers (JAWS & NVDA)
Previous Message Khushboo Vashi 2023-11-07 04:35:12 Re: pgAdmin4 web ldap authtification