replace simpleldap with ldap3 (see #64)

parent 0046a701
......@@ -62,19 +62,11 @@ Please note that currently, ``Burp-UI`` must be running on the same server that
runs the burp-server.
For LDAP authentication (optional), we need the ``simpleldap`` module that
requires the following packages on Debian:
For LDAP authentication (optional), we need the ``ldap3`` module.
aptitude install libsasl2-dev libldap2-dev python-dev
Then we install the module itself:
pip install simpleldap
pip install ldap3
If you would like to use SSL, you will need the ``python-openssl`` package.
......@@ -3,9 +3,9 @@ from flask.ext.login import UserMixin
from burpui.misc.auth.interface import BUIhandler, BUIuser
import simpleldap
from ldap3 import Server, Connection, ALL
except ImportError:
raise ImportError('Unable to load \'simpleldap\' module')
raise ImportError('Unable to load \'ldap3\' module')
import ConfigParser
......@@ -38,6 +38,12 @@ class LdapLoader:
except ConfigParser.NoSectionError, e:
self.tls = False
self.ssl = False
if self.encryption == 'ssl':
self.ssl = True
elif self.encryption == 'tls':
selt.tls = True'LDAP host: %s','LDAP port: %s', self.port)'LDAP encryption: %s', self.encryption)
......@@ -48,10 +54,15 @@ class LdapLoader:'LDAP bindpw: %s', '*****' if self.bindpw else 'None')
self.ldap = simpleldap.Connection(, port=self.port, dn=self.binddn, password=self.bindpw, encryption=self.encryption)'OK, connected to LDAP')
self.server = Server(, port=self.port, use_ssl=self.ssl, get_info=ALL, tls=self.tls)
self.ldap = Connection(self.server, user=self.binddn, password=self.bindpw, raise_exceptions=True)
if self.ldap.bind():'OK, connected to LDAP')
raise Exception('Not connected')
except:'Could not connect to LDAP')
self.server = None
self.ldap = None
def __exit__(self, exc_type, exc_value, traceback):
......@@ -60,7 +71,7 @@ class LdapLoader:
LDAP server.
if self.ldap:
def fetch(self, searchval=None):
......@@ -79,8 +90,8 @@ class LdapLoader:
query = '{0}={1}'.format(self.attr, searchval)'filter: %s | base: %s', query, self.base)
r =, base_dn=self.base, attrs=['cn', self.attr])
except Exception, e:
r =, query, attributes=['cn', self.attr])
except Exception as e:'Ooops, LDAP lookup failed: {0}'.format(str(e)))
return None
......@@ -103,14 +114,16 @@ class LdapLoader:
:returns: True if bind was successful, otherwise False
l = simpleldap.Connection(, dn='{0}'.format(dn), password=passwd)'Bound as user: {0}'.format(dn))
except Exception, e:
l = Connection(self.server, user='{0}'.format(dn), password=passwd, raise_exceptions=True)
b ='Bound as user: {0}'.format(dn))
except Exception as e:'Failed to authenticate user: {0}, {1}'.format(dn, str(e)))
return False
return True
if b:
return b
class UserHandler(BUIhandler):
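Review bot: In the `elif self.encryption == 'tls'` branch, `selt.tls = True` is a typo for `self.tls = True` and will raise NameError as soon as StartTLS is configured. Fixing the name is not enough: ldap3's `Server(tls=...)` takes a `Tls` configuration object rather than a boolean, and StartTLS is only negotiated when `start_tls()` is called on the connection, which none of the visible lines do before `bind()`. As written, the service bind and the per-user `Connection(self.server, user=..., password=passwd, raise_exceptions=True)` in the last hunk would presumably send the password unencrypted in 'tls' mode; calling `self.ldap.start_tls()` before `self.ldap.bind()`, and `l.start_tls()` before the user bind, would close that gap. The user-bind path should also reject an empty `passwd` before binding, for example `if not passwd: return False`, because many directories treat an empty-password simple bind as anonymous and report success. The start of that method is outside the hunk, so this check may already exist.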