--- a/src/pyams_ldap/plugin.py Thu Nov 08 15:25:19 2018 +0100
+++ b/src/pyams_ldap/plugin.py Thu Nov 08 15:25:54 2018 +0100
@@ -41,11 +41,12 @@
class ConnectionManager(object):
"""LDAP connections manager"""
+ _connection = None
+
def __init__(self, plugin):
self.server = ldap3.Server(plugin.host,
port=plugin.port,
- use_ssl=plugin.use_ssl,
- tls=plugin.use_tls)
+ use_ssl=plugin.use_ssl)
self.bind_dn = plugin.bind_dn
self.password = plugin.bind_password
@@ -54,18 +55,22 @@
conn = ldap3.Connection(self.server,
user=user, password=password,
client_strategy=ldap3.ASYNC,
- auto_bind=ldap3.AUTO_BIND_DEFAULT,
- lazy=True,
+ auto_bind=True,
+ lazy=False,
read_only=read_only)
else:
- conn = ldap3.Connection(self.server,
- user=self.bind_dn, password=self.password,
- client_strategy=ldap3.REUSABLE,
- auto_bind=ldap3.AUTO_BIND_DEFAULT if self.bind_dn else ldap3.AUTO_BIND_NONE,
- lazy=True,
- read_only=read_only)
- if conn.auto_bind == ldap3.AUTO_BIND_NONE:
- conn.open(read_server_info=False)
+ conn = self._connection
+ if conn is None:
+ bind_mode = ldap3.AUTO_BIND_DEFAULT if self.bind_dn else ldap3.AUTO_BIND_NONE
+ conn = ldap3.Connection(self.server,
+ user=self.bind_dn, password=self.password,
+ client_strategy=ldap3.REUSABLE,
+ auto_bind=bind_mode,
+ lazy=True,
+ read_only=read_only)
+ if conn.auto_bind == ldap3.AUTO_BIND_NONE:
+ conn.open(read_server_info=False)
+ self._connection = conn
return conn
@@ -166,7 +171,6 @@
_use_ssl = False
_server_uri = FieldProperty(ILDAPPlugin['server_uri'])
- use_tls = FieldProperty(ILDAPPlugin['use_tls'])
bind_dn = FieldProperty(ILDAPPlugin['bind_dn'])
bind_password = FieldProperty(ILDAPPlugin['bind_password'])
@@ -251,7 +255,10 @@
self_id = self._get_id()
if self_id not in managers:
managers[self_id] = ConnectionManager(self)
- return managers[self_id].get_connection(user, password)
+ connection = managers[self_id].get_connection(user, password)
+ if connection.closed:
+ connection.open(read_server_info=False)
+ return connection
def authenticate(self, credentials, request):
if not self.enabled: