Allow specifying multiple LDAP servers.

awx/sso/conf.py

@@ -170,15 +170,14 @@ register(
 
 register(
     'AUTH_LDAP_SERVER_URI',
-    field_class=fields.URLField,
-    schemes=('ldap', 'ldaps'),
+    field_class=fields.LDAPServerURIField,
     allow_blank=True,
     default='',
     label=_('LDAP Server URI'),
     help_text=_('URI to connect to LDAP server, such as "ldap://ldap.example.com:389" '
-                '(non-SSL) or "ldaps://ldap.example.com:636" (SSL).  LDAP authentication '
-                'is disabled if this parameter is empty or your license does not '
-                'enable LDAP support.'),
+                '(non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP '
+                'servers may be specified by separating with spaces or commas. LDAP '
+                'authentication is disabled if this parameter is empty.'),
     category=_('LDAP'),
     category_slug='ldap',
     placeholder='ldaps://ldap.example.com:636',

awx/sso/fields.py

@@ -105,6 +105,18 @@ class AuthenticationBackendsField(fields.StringListField):
         return backends
 
 
+class LDAPServerURIField(fields.URLField):
+
+    def __init__(self, **kwargs):
+        kwargs.setdefault('schemes', ('ldap', 'ldaps'))
+        super(LDAPServerURIField, self).__init__(**kwargs)
+
+    def run_validators(self, value):
+        for url in filter(None, re.split(r'[, ]', (value or ''))):
+            super(LDAPServerURIField, self).run_validators(url)
+        return value
+
+
 class LDAPConnectionOptionsField(fields.DictField):
 
     default_error_messages = {