How to maintain LDAP authentication across Django

Posted 2019-06-06 16:36

Question:

Here is the current situation: I created a login.html page where I enter my username and password in a form. In my views.py I get the POST data and use the username and password to authenticate against my LDAP server (mechanism works). If the username/password is wrong, I am redirected back to the login page with an error message. Otherwise, I am redirected to a landing page where I will have a message like: "Hello Lastname, Firstname". I am able to get the first and last names from the LDAP query.

The problem:

When I go to the new view, i.e. the landing page, I lose my authentication. When I trace request.user, I get the admin user I used while creating my Django project. I would expect the Django_auth ecosystem to do all this for me but maybe I am wrong.

I am not sure whether I should place the user in a session because I could not find anywhere on Google where people use Django's LDAP and Session together.

I would appreciate any help from the gurus out there.

Thanks.

Edit with actual code:

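import ldap
from django.http import HttpResponseRedirect
from django.shortcuts import render_to_response
from django.template import RequestContext

def login(request):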
    error = False
    DN = 'None'
    user = 'None'
    user_attr = 'None'
    if request.method == 'POST': #if form has been submitted
        DN = request.POST['login']
        PWD = request.POST['password']
        DN_FULL_EMAIL = DN + '@'+user_domain+'.mysite.com'
        print 'DN_FULL_EMAIL', DN_FULL_EMAIL
        try:
            l = ldap.initialize('ldap://mysite.com:3268')
            print 'bind_res = ' , l.simple_bind_s(DN_FULL_EMAIL, PWD)
            BASE_DN = 'DC=eng,DC=mysite,DC=com'
            SCOPE = ldap.SCOPE_SUBTREE
            Filter = '(&(objectClass=person)(sAMAccountName='+DN+'*)(objectClass=organizationalPerson)(objectClass=user))'
            Attrs = ['displayName', 'employeeID'] #The only data we need

            r= l.search_ext(BASE_DN, SCOPE, Filter, Attrs)
            Type, user = l.result(r,10)
            if user :
                Name, Attrs = user[0]
                if hasattr(Attrs, 'has_key') and Attrs.has_key('displayName') and Attrs.has_key('employeeID'):
                    displayName = Attrs['displayName'][0]
                    WWID = Attrs['employeeID'][0]
                request.user = user
                user_attr = Attrs
                return HttpResponseRedirect('/', {  'user' : user,
                                                    'user_attr' : user_attr
                                                })

        except ImportError:
            error = True
            pass
        except ldap.INVALID_CREDENTIALS:
            error = True
            pass
    return render_to_response( 'login.html', {
        'error' : error,
        'user' : user,
        'user_attr' : user_attr
        }, context_instance = RequestContext(request))

Answer 1:

You almost certainly want to use an LDAP authentication backend like django-auth-ldap. If the backend is installed and configured properly, your views should not require any LDAP-specific code. If you've gotten tangled up, don't be afraid to start over and follow the backend's documentation from the beginning.



Answer 2:

Now that you've implemented LDAP authentication manually with python-ldap, all you need to know is how to use sessions across different views.

Fortunately, Django provides good documentation about it: How to use sessions.

Example code:

request.session['name'] = 'Jack'  # set
name = request.session['name']    # get
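
Added example, not part of either answer and not django-auth-ldap's code: a hand-written authentication backend showing how the backend approach from Answer 1 and the session persistence from Answer 2 fit together, since Django's login() is what writes the user to the session so that request.user survives the redirect. It assumes a current Django and python-ldap; LDAPBackend, account_filter, login_view and the example.test host, base DN and UPN suffix are hypothetical placeholders.

```python
# Added example, not django-auth-ldap; host, base DN and UPN suffix are placeholders.
LDAP_URI = "ldap://ldap.example.test:3268"
BASE_DN = "DC=eng,DC=example,DC=test"
UPN_SUFFIX = "@eng.example.test"
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def account_filter(login):
    """Exact-match filter; RFC 4515 escaping stops '*' or ')' in the login
    from changing which entries the search matches."""
    safe = "".join(_ESCAPES.get(ch, ch) for ch in login)
    return "(&(objectClass=user)(sAMAccountName=%s))" % safe


class LDAPBackend(object):
    """Hypothetical backend; list it in settings.AUTHENTICATION_BACKENDS."""

    def authenticate(self, request, username=None, password=None):
        if not username or not password:
            return None  # an empty password can succeed as an unauthenticated bind
        import ldap  # python-ldap, imported lazily
        from django.contrib.auth import get_user_model
        conn = ldap.initialize(LDAP_URI)
        try:
            conn.simple_bind_s(username + UPN_SUFFIX, password)
            rows = conn.search_s(BASE_DN, ldap.SCOPE_SUBTREE,
                                 account_filter(username), ["displayName"])
        except ldap.LDAPError:
            return None
        finally:
            conn.unbind_s()
        entries = [attrs for dn, attrs in rows if dn]  # skip referral rows
        if len(entries) != 1:
            return None  # refuse ambiguous matches
        user, _ = get_user_model().objects.get_or_create(username=username.lower())
        # Keep the directory display name for the greeting on the landing page.
        user.first_name = entries[0].get("displayName", [b""])[0].decode("utf-8")[:30]
        user.save()
        return user

    def get_user(self, user_id):  # called on each request to rebuild request.user
        from django.contrib.auth import get_user_model
        return get_user_model().objects.filter(pk=user_id).first()


def login_view(request):
    from django.contrib.auth import authenticate, login
    from django.shortcuts import redirect, render
    user = authenticate(request, username=request.POST.get("login"),
                        password=request.POST.get("password"))
    if user is None:  # a plain GET lands here too, without the error flag
        return render(request, "login.html", {"error": request.method == "POST"})
    login(request, user)  # stores the user id in the session and rotates its key
    return redirect("/")
```

With this in place the landing view needs no LDAP code: it reads request.user, and the password is never stored in the session.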