Change Log

Important

The releases are now tracked using the GitHub releases. The following remains for historical purposes.

Old changes

Breaking changes

• The signal ldap_error now has an additional request keyword argument.

• Added support for Python 3.10.

• Added support for Django 4.0.

3.0.0 — 2021-07-19

• Dropped support for Django 3.0.

Breaking changes

• Dropped deprecated setting AUTH_LDAP_CACHE_GROUPS.

• Callables passed to AUTH_LDAP_SERVER_URI must now take a request positional argument.

2.4.0 - 2021-04-06

• Added support for Django 3.2.

2.3.0 - 2021-02-15

• Removed support for end of life Django 1.11. django-auth-ldap now requires Django 2.2+.

• Removed support for end of life Python 3.5.

• Added support for Django 3.1.

• Added support for Python 3.9.

• Removed dev-requirements.txt in favor of tox.

2.2.0 - 2020-06-02

• Added support for the escape argument in LDAPSearchUnion.execute().

2.1.1 - 2020-03-26

• Removed drepecated providing_args from Signal instances.

2.1.0 - 2019-12-03

• Reject authentication requests without a username.

• Added support for Django 3.0 and Python 3.8.

• Removed support for end of life Django 2.1.

2.0.0 - 2019-06-05

• Removed support for Python 2 and 3.4.

• Removed support for end of life Django 2.0.

• Added support for Django 2.2.

• Add testing and support for Python 3.7 with Django 1.11 and 2.1.

• When AUTH_LDAP_SERVER_URI is set to a callable, it is now passed a positional request argument. Support for no arguments will continue for backwards compatibility but will be removed in a future version.

• Added new AUTH_LDAP_NO_NEW_USERS to prevent the creation of new users during authentication. Any users not already in the Django user database will not be able to login.

1.6.1 - 2018-06-02

• Renamed requirements.txt to dev-requirements.txt to fix Read the Docs build.

1.6.0 - 2018-06-02

• Updated LDAPBackend.authenticate() signature to match Django’s documentation.

• Fixed group membership queries with DNs containing non-ascii characters on Python 2.7.

• The setting AUTH_LDAP_CACHE_TIMEOUT now replaces deprecated AUTH_LDAP_CACHE_GROUPS and AUTH_LDAP_GROUP_CACHE_TIMEOUT. In addition to caching groups, it also controls caching of distinguished names (which were previously cached by default). A compatibility shim is provided so the deprecated settings will continue to work.

1.5.0 - 2018-04-18

• django-auth-ldap is now hosted at https://github.com/django-auth-ldap/django-auth-ldap.

• Removed NISGroupType class. It searched by attribute nisNetgroupTriple, which has no defined EQAULITY rule.

• The python-ldap library is now initialized with bytes_mode=False, requiring all LDAP values to be handled as Unicode text (str in Python 3 and unicode in Python 2), not bytes. For additional information, see the python-ldap documentation on bytes mode.

• Removed deprecated function LDAPBackend.get_or_create_user(). Use get_or_build_user() instead.

1.4.0 - 2018-03-22

• Honor the attrlist argument to AUTH_LDAP_GROUP_SEARCH

• Backwards incompatible: Removed support for Django < 1.11.

• Support for Python 2.7 and 3.4+ now handled by the same dependency, python-ldap >= 3.0.

1.3.0 - 2017-11-20

• Backwards incompatible: Removed support for obsolete versions of Django (<=1.7, plus 1.9).

• Delay saving new users as long as possible. This will allow AUTH_LDAP_USER_ATTR_MAP to populate required fields before creating a new Django user.

  LDAPBackend.get_or_create_user() is now get_or_build_user() to avoid confusion. The old name may still be overridden for now.

• Support querying by a field other than the username field with AUTH_LDAP_USER_QUERY_FIELD.

• New method authenticate_ldap_user() to provide pre- and post-authentication hooks.

• Add support for Django 2.0.

1.2.16 - 2017-09-30

• Better cache key sanitizing.

• Improved handling of LDAPError. A case existed where the error would not get caught while loading group permissions.

1.2.15 - 2017-08-17

• Improved documentation for finding the official repository and contributing.

1.2.14 - 2017-07-24

• Under search/bind mode, the user’s DN will now be cached for performance.

1.2.13 - 2017-06-19

• Support selective group mirroring with AUTH_LDAP_MIRROR_GROUPS and AUTH_LDAP_MIRROR_GROUPS_EXCEPT.

• Work around Django 1.11 bug with multiple authentication backends.

1.2.12 - 2017-05-20

• Support for complex group queries via LDAPGroupQuery.

1.2.11 - 2017-04-22

• Some more descriptive object representations.

• Improved tox.ini organization.

1.2.9 - 2017-02-14

• Ignore python-ldap documentation and accept ldap.RES_SEARCH_ENTRY from ldap.LDAPObject.result().

1.2.8 - 2016-04-18

• Add AUTH_LDAP_USER_ATTRLIST to override the set of attributes requested from the LDAP server.

1.2.7 - 2015-09-29

• Support Python 3 with pyldap.

1.2.6 - 2015-03-29

• Performance improvements to group mirroring (from Denver Janke).

• Add django_auth_ldap.backend.ldap_error signal for custom handling of LDAPError exceptions.

• Add django_auth_ldap.backend.LDAPBackend.default_settings for per-subclass default settings.

1.2.5 - 2015-01-30

• Fix interaction between AUTH_LDAP_AUTHORIZE_ALL_USERS and AUTH_LDAP_USER_SEARCH.

1.2.4 - 2014-12-28

• Add support for nisNetgroup groups (thanks to Christopher Bartz).

1.2.3 - 2014-11-18

• Improved escaping for filter strings.

• Accept (and ignore) arbitrary keyword arguments to LDAPBackend.authenticate.

1.2.2 - 2014-09-22

• Include test harness in source distribution. Some package maintainers find this helpful.

1.2.1 - 2014-08-24

• More verbose log messages for authentication failures.

1.2.0 - 2014-04-10

• django-auth-ldap now provides experimental Python 3 support. Python 2.5 was dropped.

  To sum up, django-auth-ldap works with Python 2.6, 2.7, 3.3 and 3.4.

  Since python-ldap isn’t making progress toward Python 3, if you’re using Python 3, you need to install a fork:

  $ pip install git+https://github.com/rbarrois/python-ldap.git@py3
  

  Thanks to Aymeric Augustin for making this happen.

1.1.8 - 2014-02-01

• Update LDAPSearchUnion to work for group searches in addition to user searches.

• Tox no longer supports Python 2.5, so our tests now run on 2.6 and 2.7 only.

1.1.7 - 2013-11-19

• Bug fix: AUTH_LDAP_GLOBAL_OPTIONS could be ignored in some cases (such as populate_user()).

1.1.5 - 2013-10-25

• Support POSIX group permissions with no gidNumber attribute.

• Support multiple group DNs for *_FLAGS_BY_GROUP.

1.1.4 - 2013-03-09

• Add support for Django 1.5’s custom user models.

1.1.3 - 2013-01-05

• Reject empty passwords by default.

  Unless AUTH_LDAP_PERMIT_EMPTY_PASSWORD is set to True, LDAPBackend.authenticate() will immediately return None if the password is empty. This is technically backwards-incompatible, but it’s a more secure default for those LDAP servers that are configured such that binds without passwords always succeed.

• Add support for pickling LDAP-authenticated users.