Verified Commit 1dd8b897 authored by Jakob Moser's avatar Jakob Moser
Browse files

Improve README

parent 071355c5

README.md

+26 −8
Original line number Diff line number Diff line
@@ -4,16 +4,23 @@ Maintainer: Jakob Moser <moser@cl.uni-heidelberg.de> 


This guide explains how to connect to the various LDAP servers you might interact with if you are a student at the Institut für Computerlinguistik, Universität Heidelberg.



>>> [!tip]



This guide contains examples run in interactive mode from within a Uni server. To get an interactive shell, you can run:

## No time to read, show me the action!



```bash

ssh last

curl -LsSf https://astral.sh/uv/install.sh | sh  # Only necessary the first time

uv run --with=ldap3 --python 3.12 python

uv run --with=git+https://gitlab.cl.uni-heidelberg.de/moser/ldap.git python

```

>>>



```python

>>> from ldap.directories import *

>>> cl_account_directory.is_valid("mustermann", "hunter2")

False  # But could be true, if that account really existed

>>> uni_id_directory.is_valid("ab123", "IchLiebeHeidelberg!")

False  # But could be true, if that account really existed

```



What exactly happens in the code above is described in more detail below.



## Available LDAP servers
@@ -32,6 +39,17 @@ It explains how authentication via LDAP is generally done (which is a bit weird 


## Create server object



>>> [!tip]



This guide contains examples run in interactive mode from within a Uni server. To get an interactive shell, you can run:



```bash

ssh last

curl -LsSf https://astral.sh/uv/install.sh | sh  # Only necessary the first time

uv run --with=ldap3 --python 3.12 python

```

>>>



```python

import ssl

from ldap3 import Tls, Server
@@ -48,15 +66,15 @@ For the Uni ID, use: 


```python

ldap_server_url = "ldaps://ad.uni-heidelberg.de"

server = Server(ldap_server_url, use_ssl=True, tls=Tls(validate=ssl.CERT_REQUIRED, ca_certs_file="uni_root_ca.pem"))

server = Server(ldap_server_url, use_ssl=True, tls=Tls(validate=ssl.CERT_REQUIRED, ca_certs_file="uni-heidelberg.pem"))

```



>>> [!note]



Make sure that you have the `uni_root_ca.pem` file available in the directory you have spawned the shell in. You can ensure this using:

Make sure that you have the `uni-heidelberg.pem` file available in the directory you have spawned the shell in. You can ensure this using:



```bash

wget https://gitlab.cl.uni-heidelberg.de/moser/ldap/-/raw/master/uni_root_ca.pem

wget https://gitlab.cl.uni-heidelberg.de/moser/ldap/-/raw/master/src/ldap/resources/cacerts/uni-heidelberg.pem

```

>>>