
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
pyramid-multildap
Advanced tools
pyramid_multildap
pyramid_multildap
is a friendly fork of pyramid_ldap
_,
incorporating some changes which have been proposed upstream,
but have not been accepted (yet?).
The package is being developed at github:
https://github.com/lmctv/pyramid_multildap
.. _pyramid_ldap
: https://github.com/Pylons/pyramid_ldap
The package's documentation is hosted at http://pyramid-multildap.readthedocs.org/
Original README follows:
pyramid_ldap
pyramid_ldap
provides LDAP authentication services for your Pyramid
application. Thanks to the ever-awesome SurveyMonkey <http://surveymonkey.com>
_ for sponsoring the development of this package!
See the documentation at http://docs.pylonsproject.org/projects/pyramid_ldap/en/latest/ for more information.
This package will only work with Pyramid 1.3a9 and better.
set_request_property
with add_request_method
deprecated
Convert sampleapp to a minimal ldapauth scaffold
Add attrlist to LDAPQuery, set_login_query, set_groups_query to allow retrieved attributes to be filtered. (Default: All attributes on users, no attributes on groups). See https://github.com/Pylons/pyramid_ldap/pull/8
Support creation of multiple co-existing ldap contexts in the same application. See https://github.com/Pylons/pyramid_ldap/pull/6
Add a "search_after_bind" attribute to the _LDAPQuery class, to help in reading directory entry attributes when the directory server is configured to hide them in the before login search phase. See https://github.com/Pylons/pyramid_ldap/pull/5
Set a size limit on pre-login entry dn searches.
Escape user-provided login names, avoiding server errors or trivial DOSs caused by user names like 'user*name' or 'user(middle)name'
Prevent the use of zero-length password authentication. See https://github.com/Pylons/pyramid_ldap/pull/13
FAQs
pyramid_multildap
We found that pyramid-multildap demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.