summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Cholasta <jcholast@redhat.com>2011-08-16 19:34:04 +0200
committerRob Crittenden <rcritten@redhat.com>2011-08-18 23:24:38 -0400
commit159c13a550f1943de47592615a43576c9dbc2dbe (patch)
treeff5baf7ccd4812f2a7a18faebebafa237e0d47e0
parent2e9d614cabfb556aedb6ca805593dfcf3fa811cd (diff)
downloadfreeipa-159c13a550f1943de47592615a43576c9dbc2dbe.zip
freeipa-159c13a550f1943de47592615a43576c9dbc2dbe.tar.gz
freeipa-159c13a550f1943de47592615a43576c9dbc2dbe.tar.xz
Add option to install without the automatic redirect to the Web UI.
ticket 1570
-rw-r--r--install/conf/ipa-rewrite.conf2
-rwxr-xr-xinstall/tools/ipa-replica-install8
-rwxr-xr-xinstall/tools/ipa-server-install6
-rw-r--r--install/tools/man/ipa-replica-install.13
-rw-r--r--install/tools/man/ipa-server-install.13
-rw-r--r--ipaserver/install/httpinstance.py4
6 files changed, 18 insertions, 8 deletions
diff --git a/install/conf/ipa-rewrite.conf b/install/conf/ipa-rewrite.conf
index ec9912c..5385f9d 100644
--- a/install/conf/ipa-rewrite.conf
+++ b/install/conf/ipa-rewrite.conf
@@ -7,7 +7,7 @@ RewriteLogLevel 0
# By default forward all requests to /ipa. If you don't want IPA
# to be the default on your web server comment this line out.
-RewriteRule ^/$$ https://$FQDN/ipa/ui [L,NC,R=301]
+${AUTOREDIR}RewriteRule ^/$$ https://$FQDN/ipa/ui [L,NC,R=301]
# Redirect to the fully-qualified hostname. Not redirecting to secure
# port so configuration files can be retrieved without requiring SSL.
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index f13b51e..6b97e0e 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -67,6 +67,8 @@ def parse_options():
help="Do not use DNS for hostname lookup during installation")
parser.add_option("--no-pkinit", dest="setup_pkinit", action="store_false",
default=True, help="disables pkinit setup steps")
+ parser.add_option("--no-ui-redirect", dest="ui_redirect", action="store_false",
+ default=True, help="Do not automatically redirect to the Web UI")
parser.add_option("--skip-conncheck", dest="skip_conncheck", action="store_true",
default=False, help="skip connection check to remote master")
parser.add_option("--setup-ca", dest="setup_ca", action="store_true",
@@ -154,7 +156,7 @@ def install_ca_cert(config):
print "error copying files: " + str(e)
sys.exit(1)
-def install_http(config):
+def install_http(config, auto_redirect):
# if we have a pkcs12 file, create the cert db from
# that. Otherwise the ds setup will create the CA
# cert
@@ -164,7 +166,7 @@ def install_http(config):
config.dir + "/http_pin.txt")
http = httpinstance.HTTPInstance()
- http.create_instance(config.realm_name, config.host_name, config.domain_name, config.dirman_password, False, pkcs12_info, self_signed_ca=True)
+ http.create_instance(config.realm_name, config.host_name, config.domain_name, config.dirman_password, False, pkcs12_info, self_signed_ca=True, auto_redirect=auto_redirect)
# Now copy the autoconfiguration files
if ipautil.file_exists(config.dir + "/preferences.html"):
@@ -428,7 +430,7 @@ def main():
cs.add_cert_to_service()
install_krb(config, setup_pkinit=options.setup_pkinit)
- install_http(config)
+ install_http(config, auto_redirect=options.ui_redirect)
if CA:
CA.import_ra_cert(dir + "/ra.p12")
CA.fix_ra_perms()
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install
index 894a3e8..189bb20 100755
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -172,6 +172,8 @@ def parse_options():
parser.add_option("--no_hbac_allow", dest="hbac_allow", default=False,
action="store_true",
help="Don't install allow_all HBAC rule")
+ parser.add_option("--no-ui-redirect", dest="ui_redirect", action="store_false",
+ default=True, help="Do not automatically redirect to the Web UI")
options, args = parser.parse_args()
safe_options = parser.get_safe_opts(options)
@@ -906,10 +908,10 @@ def main():
http = httpinstance.HTTPInstance(fstore)
if options.http_pkcs12:
pkcs12_info = (options.http_pkcs12, pw_name)
- http.create_instance(realm_name, host_name, domain_name, dm_password, autoconfig=False, pkcs12_info=pkcs12_info, subject_base=options.subject)
+ http.create_instance(realm_name, host_name, domain_name, dm_password, autoconfig=False, pkcs12_info=pkcs12_info, subject_base=options.subject, auto_redirect=options.ui_redirect)
os.remove(pw_name)
else:
- http.create_instance(realm_name, host_name, domain_name, dm_password, autoconfig=True, self_signed_ca=options.selfsign, subject_base=options.subject)
+ http.create_instance(realm_name, host_name, domain_name, dm_password, autoconfig=True, self_signed_ca=options.selfsign, subject_base=options.subject, auto_redirect=options.ui_redirect)
ipautil.run(["/sbin/restorecon", "/var/cache/ipa/sessions"])
set_subject_in_config(realm_name, dm_password, util.realm_to_suffix(realm_name), options.subject)
diff --git a/install/tools/man/ipa-replica-install.1 b/install/tools/man/ipa-replica-install.1
index 1426d61..350160a 100644
--- a/install/tools/man/ipa-replica-install.1
+++ b/install/tools/man/ipa-replica-install.1
@@ -68,6 +68,9 @@ Do not use DNS for hostname lookup during installation
\fB\-\-no\-pkinit\fR
Disables pkinit setup steps
.TP
+\fB\-\-no\-ui\-redirect\fR
+Do not automatically redirect to the Web UI.
+.TP
\fB\-\-skip\-conncheck\fR
Skip connection check to remote master
.TP
diff --git a/install/tools/man/ipa-server-install.1 b/install/tools/man/ipa-server-install.1
index 7450ab9..a247c19 100644
--- a/install/tools/man/ipa-server-install.1
+++ b/install/tools/man/ipa-server-install.1
@@ -133,6 +133,9 @@ The maximum user and group id number (default: idstart+199999). If set to zero,
\fB\-\-no_hbac_allow\fR
Don't install allow_all HBAC rule. This rule lets any user from any host access any service on any other host. It is expected that users will remove this rule before moving to production.
.TP
+\fB\-\-no\-ui\-redirect\fR
+Do not automatically redirect to the Web UI.
+.TP
.SH "EXIT STATUS"
0 if the installation was successful
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index d2eb27c..fe5f7aa 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -55,7 +55,7 @@ class HTTPInstance(service.Service):
else:
self.fstore = sysrestore.FileStore('/var/lib/ipa/sysrestore')
- def create_instance(self, realm, fqdn, domain_name, dm_password=None, autoconfig=True, pkcs12_info=None, self_signed_ca=False, subject_base=None):
+ def create_instance(self, realm, fqdn, domain_name, dm_password=None, autoconfig=True, pkcs12_info=None, self_signed_ca=False, subject_base=None, auto_redirect=True):
self.fqdn = fqdn
self.realm = realm
self.domain = domain_name
@@ -66,7 +66,7 @@ class HTTPInstance(service.Service):
self.principal = "HTTP/%s@%s" % (self.fqdn, self.realm)
self.dercert = None
self.subject_base = subject_base
- self.sub_dict = { "REALM" : realm, "FQDN": fqdn, "DOMAIN" : self.domain }
+ self.sub_dict = {"REALM": realm, "FQDN": fqdn, "DOMAIN": self.domain, "AUTOREDIR": '' if auto_redirect else '#'}
# get a connection to the DS
self.ldap_connect()