web2ldap web2ldap is a Web-based LDAP client written in Python.
Download

web2ldap Ranking & Summary

web2ldap Tags

client LDAP LDAP client Web-based LDAP client web to ldap web2ldap

web2ldap Description

web2ldap is a Web-based LDAP client written in Python. web2ldap is an LDAP client written in Python, full-featured and designed to run as a stand-alone Web gateway or under the control of a web server with FastCGI support (e.g., Apache with mod_fastcgi). Here are some key features of "web2ldap": · Full LDAPv3 sub schema sub entry support when displaying an entry or input form with required and allowed attributes. · Built-in schema browser displays all forward and backward references to other schema elements as links for all supported schema elements. Currently supported and used schema attributes: · attributeTypes · dITContentRules · ldapSyntaxes · matchingRuleUse · matchingRules · objectClasses · Schema support has reasonable performance since caching of parsed sub schema sub entries is done. · Full support for inherited schema elements (object classes and attribute types). · Fall-back to a local schema definition in configuration stored in LDIF file (for e.g. LDAPv2 servers). · Support for adding, modifying, deleting entries, deleting sub trees and renaming entries. · Schema-aware to provide schema-matching input forms for add/modify. · Automatic search for missing parent entries if adding of an entry fails with "no such object". (for reducing the same old boring questions on the LDAP-related mailing lists ;-). Convenient, secure and efficient way to add/remove an entry to/from a group entry. Many common group object classes are automagically supported: · groupOfNames · groupOfUniqueNames · rfc822MailGroup · mailGroup · posixGroup (see RFC 2307) · accessGroup (found in IBM SecureWay) · Even large groups (>100000 members) are handled with reasonable performance. Security problems even with distributed management are avoided by "just doing it right". · LDAP connection handling · Automatically determine the protocol version and features supported by the LDAP server. Falls back to reasonable defaults if features are not available. · LDAP URLs · It it possible to directly use LDAP URLs (see RFC 2255) to reference LDAP entries and LDAP search results. Example: http://sites.inka.de:8002/web2ldap/ldapurl?ldap://ldap.openldap.org/dc=openldap,dc=org Note: Although most LDAP URLs will work you should use URL-quoted LDAP URLs. · Root DSE · Uses namingContexts attribute from RootDSE to determine appropriate search root automatically. · Honours feature All Operational Attribute (supportedFeatures: 1.3.6.1.4.1.4203.1.5.1). · LDAPv3 Referrals · Displays new login mask to repeat current action after chasing a referral. · Search continuations are displayed. · Locating LDAP service · Try to locate a LDAP host for a specific domain, dc-style DN (RFC 2247, RFC 2377) or e-mail address. (see also the Internet Draft "A Taxonomy of Methods for LDAP Clients Finding Servers" on LDAPEXT page) · Well known DNS aliases (kinda primitive anyway) · LDAPv3 Referrals (knowledge references) · Locate LDAP host via SRV RR (see also RFC 2782). This is automatically done if e.g a LDAP URL does not contain a host name but a dc-style DN or if an error response was received with error code NO_SUCH_OBJECT (somewhat inspired by RFC 3088). · Manage DSA IT mode · Enabling/disabling manage DSA IT mode (see draft-zeilenga-ldap-namedref). · Downloading of binary attributes with appropriate mapping to MIME types. · Optionally use gzip-encoding for saving network bandwidth if client has sent Accept-Encoding: gzip in the HTTP header. · Optionally use the right character set for output according to the HTTP header Accept-Charset sent by the HTTP client. · Support for SASL bind. · Default configuration is quite strict. If you see this paradigm violated somewhere in a distributed package of web2ldap please let me know. · Since the user logs in and opens a persistent LDAP connection storing or passing around passwords is not necessary. · Security mechanisms to avoid hijacking web sessions. · Maximum number of currently used web sessions can be limited. · Smart login with automatic completion of bind DN. · Client-hashed passwords (see also RFC 2307, schemes {crypt}, {md5}, {sha}, {smd5}, {ssha}) for setting the userPassword attribute on Umich-derived LDAP servers (like OpenLDAP, Netscape/IPlanet server etc.). · Nice displaying of X.509 certificates and CRLs stored in the directory including all X.509v3 extensions with links to e.g. CRL distribution points, policy documents etc. · Synced setting of userPassword and Samba password attributes. · Attribute shadowLastChange set if an entry has object class shadowAccount. What's New in This Release: · Note: This is the last release guaranteed to support Python 2.3! · For various reasons you should seriously consider to upgrade your local Python installation. · Various code-cleaning regarding a more consequent distinction of UnicodeType and StringType data. · Multiple space characters in DNs and attribute values are now correctly displayed. · Added a fall-back behaviour for older Python versions when registering T.61 codecs. · In expert search form the HTML attribute maxlength is now set to the same values like specified for form parameters search_filterstr and search_attrs. · If no values are entered into the advanced search form no search request with invalid filter is sent to the LDAP server anymore. Instead an error message is displayed. · Fix for the group administration: Caching is now disabled when searching group entries the current entry is member of. · When generating the assertion filter for detecting intermediate changes to edited entries all NON-ASCII chars are now quoted. E.g. with eDirectory cross-checking with binary attribute GUID falsely prevented an entry to be modified. · If the template file for a login form could be be read (exception IOError) an error message is displayed to the user. Improvements to plug-in modules/classes: · New base class NullTerminatedDirectoryString and registered eDirectory attribute type extensionInfo with that. · New class for eDirectory attribute type indexDefinition. · Tabs in XML data are now expanded so it looks much nicer. · Registered more DirXML-related attribute types with plugin class XmlValue.

web2ldap Related Software