diff options
author | Simo Sorce <ssorce@redhat.com> | 2007-12-21 12:31:31 -0500 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2007-12-21 12:31:31 -0500 |
commit | a9e4e5a1e2da6725521878428452c86b7140e815 (patch) | |
tree | 09e7c4fc7a8a1a1ecf9b5fb14929163289434683 | |
parent | 84c758153f888faaf6652a35ab7edcc22cce860a (diff) | |
download | freeipa-a9e4e5a1e2da6725521878428452c86b7140e815.tar.gz freeipa-a9e4e5a1e2da6725521878428452c86b7140e815.tar.xz freeipa-a9e4e5a1e2da6725521878428452c86b7140e815.zip |
Finishe removing previous code to fetch keytabs
-rw-r--r-- | ipa-server/configure.ac | 1 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/subcontrollers/principal.py | 22 | ||||
-rw-r--r-- | ipa-server/ipa-gui/ipagui/templates/principallist.kid | 11 | ||||
-rw-r--r-- | ipa-server/xmlrpc-server/funcs.py | 33 |
4 files changed, 1 insertions, 66 deletions
diff --git a/ipa-server/configure.ac b/ipa-server/configure.ac index 5f9b452c4..dbcfeacc0 100644 --- a/ipa-server/configure.ac +++ b/ipa-server/configure.ac @@ -238,7 +238,6 @@ AC_CONFIG_FILES([ ipa-slapi-plugins/ipa-pwd-extop/Makefile xmlrpc-server/Makefile xmlrpc-server/test/Makefile - ipa-keytab-util/Makefile ]) AC_OUTPUT diff --git a/ipa-server/ipa-gui/ipagui/subcontrollers/principal.py b/ipa-server/ipa-gui/ipagui/subcontrollers/principal.py index 1b2ad6942..27c4f9d63 100644 --- a/ipa-server/ipa-gui/ipagui/subcontrollers/principal.py +++ b/ipa-server/ipa-gui/ipagui/subcontrollers/principal.py @@ -125,28 +125,6 @@ class PrincipalController(IPAController): return dict(principals=principals, hostname=hostname, fields=ipagui.forms.principal.PrincipalFields()) - @expose() - @identity.require(identity.not_anonymous()) - def show(self, **kw): - """Returns the keytab for a given principal""" - client = self.get_ipaclient() - - principal = kw.get('principal') - if principal != None and len(principal) > 0: - try: - p = principal.split('@') - keytab = client.get_keytab(p[0].encode('utf-8')) - - cherrypy.response.headers['Content-Type'] = "application/x-download" - cherrypy.response.headers['Content-Disposition'] = 'attachment; filename=krb5.keytab' - cherrypy.response.headers['Content-Length'] = len(keytab) - cherrypy.response.body = keytab - return cherrypy.response.body - except ipaerror.IPAError, e: - turbogears.flash("keytab retrieval failed: " + str(e) + "<br/>" + e.detail[0]['desc']) - raise turbogears.redirect("/principal/list") - raise turbogears.redirect("/principal/list") - @validate(form=principal_new_form) @identity.require(identity.not_anonymous()) def principalcreatevalidate(self, tg_errors=None, **kw): diff --git a/ipa-server/ipa-gui/ipagui/templates/principallist.kid b/ipa-server/ipa-gui/ipagui/templates/principallist.kid index d4177d8d7..3db1c1fcf 100644 --- a/ipa-server/ipa-gui/ipagui/templates/principallist.kid +++ b/ipa-server/ipa-gui/ipagui/templates/principallist.kid @@ -16,14 +16,6 @@ <script type="text/javascript"> document.getElementById("hostname").focus(); </script> - <script type="text/javascript"> - function confirmDownload() { - if (confirm("Are you sure you want to download this principal? It will reset the secret, invalidating any existing keytabs")) { - return true; - } - return false; - } - </script> </div> <div py:if='(principals != None) and (len(principals) > 0)'> <h2>${len(principals)} results returned:</h2> @@ -41,8 +33,7 @@ <tbody> <tr py:for="principal in principals"> <td> - <a href="${tg.url('/principal/show',principal=principal.krbprincipalname)}" onclick="return confirmDownload();" - >${principal.hostname}</a> + ${principal.hostname} </td> <td> ${principal.service} diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py index 2d2bddbb4..2057aa7d0 100644 --- a/ipa-server/xmlrpc-server/funcs.py +++ b/ipa-server/xmlrpc-server/funcs.py @@ -1785,39 +1785,6 @@ class IPAServer: return entries - def get_keytab(self, name, opts=None): - """Return a keytab for an existing service principal. Note that - this increments the secret thus invalidating any older keys.""" - if not name: - raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) - - princ_name = name + "@" + self.realm - - conn = self.getConnection(opts) - - if conn.principal != "admin@" + self.realm: - raise ipaerror.gen_exception(ipaerror.CONNECTION_GSSAPI_CREDENTIALS) - - try: - try: - princs = conn.getList(self.basedn, self.scope, "krbprincipalname=" + princ_name, None) - except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND): - return None - finally: - self.releaseConnection(conn) - - - # This is ugly - call out to a C wrapper around kadmin.local - p = subprocess.Popen(["/usr/sbin/ipa-keytab-util", princ_name, self.realm], - stdout=subprocess.PIPE, stderr=subprocess.PIPE) - stdout,stderr = p.communicate() - - if p.returncode != 0: - return None - - return stdout - - # Configuration support def get_ipa_config(self, opts=None): |