From 0b9cd9d950c6abb7858d268b126608578592cb23 Mon Sep 17 00:00:00 2001
From: David Adam <zanchey@ucc.asn.au>
Date: Sun, 30 Jan 2011 06:06:56 +0000
Subject: [PATCH] Use an anonymous LDAP bind to search for MIFARE cards -
 server ACLs have been updated to allow searches (but not reads) without
 credentials on this attribute.

---
 sql-edition/servers/LDAPConnector.py | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/sql-edition/servers/LDAPConnector.py b/sql-edition/servers/LDAPConnector.py
index 9e3a307..6a8d67a 100644
--- a/sql-edition/servers/LDAPConnector.py
+++ b/sql-edition/servers/LDAPConnector.py
@@ -12,12 +12,8 @@ def get_ldap_connection():
         #ldap.set_option(ldap.OPT_DEBUG_LEVEL,255)
         conn = ldap.initialize('ldaps://mussel.ucc.gu.uwa.edu.au:636/')
         
-        binddn = 'cn=admin,dc=ucc,dc=gu,dc=uwa,dc=edu,dc=au'
-        passfile = open('/etc/pam_ldap.secret')
-        password = passfile.readline().strip()
-        passfile.close()
-
-        conn.simple_bind_s(binddn, password)
+        # Anonymous bind - server ACLs should allow searching on uccDispenseMIFARE
+        conn.simple_bind_s()
         return conn
 
 def get_uid(card_id):
-- 
GitLab