Opened 8 years ago

Last modified 6 years ago

#508 assigned enhancement

LDAP server fail over

Reported by: bitter Owned by: eblot
Priority: normal Component: LdapPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.10


I made some small (local) changes to the LDAPConnection class to support more than one host. I did it kind of brute force and don't really know if there are other consequences which I have neglected. I'll attach the diff against the current revision.

Attachments (0)

Change History (3)

comment:1 follow-up: Changed 8 years ago by bitter

Ok.. for some reason I can't attach the file so here is the changed function instead:

    def _open(self):
        """Open and optionally bind a new connection to the LDAP directory"""
        errors = []
        # The posted line was truncated to "hosts =' ')"; self.host (a
        # space-separated list of host names) is assumed here.
        hosts = self.host.split(' ')
        for host in hosts:
            try:
                self._ds = ldap.initialize('ldap://%s:%d/' % (host, self.port))
                self._ds.protocol_version = ldap.VERSION3
                if self.bind:
                    if not self.bind_user:
                        raise TracError("Bind enabled but credentials not defined")
                    # Prefix a bare user name with the uid attribute
                    head = self.bind_user[:self.bind_user.find(',')]
                    if head.find('=') == -1:
                        self.bind_user = '%s=%s' % (self.uidattr, self.bind_user)
                    self._ds.simple_bind_s(self.bind_user, self.bind_passwd)
                # This host accepted the connection: stop trying the others
                return
            except ldap.LDAPError, e:
                self._ds = None
                if self.bind_user:
                    self.log.warn("Unable to open LDAP with user %s" % \
                                  self.bind_user)
                # Remember why this host failed, then try the next one
                errors = errors + [e[0]['desc'] + ', ' + host]
        raise TracError("Unable to open LDAP cnx: %s" % errors)
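
The function above handles every ldap.LDAPError the same way, so a bind that a server rejects is repeated against each remaining host. The following is an added example, not part of bitter's patch or of the LdapPlugin code: it fails over only when a server is unreachable. The two exception classes stand in for python-ldap's ldap.SERVER_DOWN and ldap.INVALID_CREDENTIALS, and open_with_failover, connect and fake_directory are hypothetical names.

```python
class ServerUnavailable(Exception):
    """Stand-in for ldap.SERVER_DOWN: the host could not be reached."""


class InvalidCredentials(Exception):
    """Stand-in for ldap.INVALID_CREDENTIALS: the host answered and refused the bind."""


def open_with_failover(hosts, port, connect):
    """Return (host, connection) for the first host in `hosts` that accepts.

    hosts   -- space-separated host names, as in the ticket's patch
    connect -- hypothetical callable(uri) that initializes and binds, raising
               one of the two stand-in exceptions above on failure
    """
    errors = []
    for host in hosts.split():
        uri = 'ldap://%s:%d/' % (host, port)
        try:
            return host, connect(uri)
        except ServerUnavailable as e:
            # Only an unreachable server justifies trying the next one.
            errors.append('%s: %s' % (host, e))
        # InvalidCredentials is deliberately not caught: replaying a rejected
        # bind against every replica multiplies failed logins for the account.
    raise RuntimeError('No LDAP server reachable (%s)' % '; '.join(errors))


def fake_directory(behaviour):
    """Constructed test double: maps host name -> 'up', 'down' or 'badcreds'."""
    attempts = []

    def connect(uri):
        host = uri[len('ldap://'):].split(':')[0]
        attempts.append(host)
        state = behaviour[host]
        if state == 'down':
            raise ServerUnavailable("can't contact LDAP server")
        if state == 'badcreds':
            raise InvalidCredentials('invalid credentials')
        return 'connection to %s' % host

    return connect, attempts


if __name__ == '__main__':
    connect, attempts = fake_directory({'ldap1': 'down', 'ldap2': 'up'})
    print(open_with_failover('ldap1 ldap2', 389, connect), attempts)
```
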

comment:2 in reply to: ↑ 1 Changed 8 years ago by eblot

  • Status changed from new to assigned
  • Summary changed from LDAP fail over. to LDAP server fail over

Replying to bitter:

> Ok.. for some reason I can't attach the file so here is the changed function instead:

Maybe the anti-spam filter. Thanks for the patch. I may merge it to the LdapPlugin in a next release.

comment:3 Changed 6 years ago by luke-trac@…

This would be very very good. Having Trac essentially crash just because one of two LDAP servers is down is not a good thing.
