Got new ldap connection working using Connectible.connect()

9 files changed, 48 insertions, 38 deletions

diff --git a/ipalib/backend.py b/ipalib/backend.py
index d484c22eb..22aa128b3 100644
--- a/ipalib/backend.py
+++ b/ipalib/backend.py
@@ -98,9 +98,9 @@ class Executioner(Backend):
 
     def create_context(self, ccache=None, client_ip=None):
         if self.env.in_server:
-            self.Backend.ldap.connect(ccache=ccache)
+            self.Backend.ldap.connect(ccache)
         else:
-            self.Backend.xmlclient.connect(ccache=ccache)
+            self.Backend.xmlclient.connect()
 
     def execute(self, name, *args, **options):
         error = None
diff --git a/ipalib/cli.py b/ipalib/cli.py
index 5d5bdc34f..d0119614b 100644
--- a/ipalib/cli.py
+++ b/ipalib/cli.py
@@ -406,7 +406,7 @@ class help(frontend.Command):
         super(help, self).finalize()
 
     def run(self, key):
-        textui = self.Backend.textui
+
         if key is None:
             self.print_commands()
             return
@@ -529,13 +529,16 @@ class cli(backend.Executioner):
         if len(argv) == 0:
             self.Command.help()
             return
+        self.create_context()
         (key, argv) = (argv[0], argv[1:])
-        cmd = self.get_command(key)
+        name = from_cli(key)
+        if name not in self.Command:
+            raise CommandError(name=key)
+        cmd = self.Command[name]
         kw = self.parse(cmd, argv)
         if self.env.interactive:
             self.prompt_interactively(cmd, kw)
-        self.create_context()
-        result = cmd(**kw)
+        result = self.execute(name, **kw)
         if callable(cmd.output_for_cli):
             for param in cmd.params():
                 if param.password and param.name in kw:
@@ -543,12 +546,6 @@ class cli(backend.Executioner):
             (args, options) = cmd.params_2_args_options(**kw)
             cmd.output_for_cli(self.api.Backend.textui, result, *args, **options)
 
-    def get_command(self, key):
-        name = from_cli(key)
-        if name not in self.Command:
-            raise CommandError(name=key)
-        return self.Command[name]
-
     def parse(self, cmd, argv):
         parser = self.build_parser(cmd)
         (collector, args) = parser.parse_args(argv, Collector())
diff --git a/ipalib/frontend.py b/ipalib/frontend.py
index eb7f45d63..fc436a7a9 100644
--- a/ipalib/frontend.py
+++ b/ipalib/frontend.py
@@ -95,14 +95,14 @@ class Command(plugable.Plugin):
         XML-RPC and the executed an the nearest IPA server.
         """
         params = self.args_options_2_params(*args, **options)
-        self.info(
+        self.debug(
             'raw: %s(%s)', self.name, ', '.join(self._repr_iter(**params))
         )
         params = self.normalize(**params)
         params = self.convert(**params)
         params.update(self.get_default(**params))
         self.info(
-            'processed: %s(%s)', self.name, ', '.join(self._repr_iter(**params))
+            '%s(%s)', self.name, ', '.join(self._repr_iter(**params))
         )
         self.validate(**params)
         (args, options) = self.params_2_args_options(**params)
diff --git a/ipalib/rpc.py b/ipalib/rpc.py
index a70b372bd..3d837b5f1 100644
--- a/ipalib/rpc.py
+++ b/ipalib/rpc.py
@@ -217,11 +217,10 @@ class xmlclient(Connectible):
         self.__errors = dict((e.errno, e) for e in public_errors)
 
     def create_connection(self, ccache=None):
-        return ServerProxy(self.env.xmlrpc_uri,
-            #transport=KerbTransport(),
-            allow_none=True,
-            encoding='UTF-8',
-        )
+        kw = dict(allow_none=True, encoding='UTF-8')
+        if self.env.xmlrpc_uri.startswith('https://'):
+            kw['transport'] = KerbTransport()
+        return ServerProxy(self.env.xmlrpc_uri, **kw)
 
     def destroy_connection(self):
         pass
@@ -241,6 +240,7 @@ class xmlclient(Connectible):
             raise ValueError(
                 '%s.forward(): %r not in api.Command' % (self.name, name)
             )
+        self.info('Forwarding %r to %r', name, self.env.xmlrpc_uri)
         command = getattr(self.conn, name)
         params = args + (kw,)
         try:
diff --git a/ipaserver/plugins/b_ldap.py b/ipaserver/plugins/b_ldap.py
index 350870392..1160bf9e7 100644
--- a/ipaserver/plugins/b_ldap.py
+++ b/ipaserver/plugins/b_ldap.py
@@ -28,8 +28,8 @@ import ldap as _ldap
 from ipalib import api
 from ipalib import errors
 from ipalib.crud import CrudBackend
-from ipaserver import servercore
-from ipaserver import ipaldap
+from ipaserver import servercore, ipaldap
+import krbV
 
 
 class ldap(CrudBackend):
@@ -41,11 +41,16 @@ class ldap(CrudBackend):
         self.dn = _ldap.dn
         super(ldap, self).__init__()
 
-    def create_connection(self, ccache=None):
-        return 'The LDAP connection.'
+    def create_connection(self, ccache):
+        conn = ipaldap.IPAdmin(self.env.ldap_host, self.env.ldap_port)
+        principle = krbV.CCache(
+            name=ccache, context=krbV.default_context()
+        ).principal().name
+        conn.set_krbccache(ccache, principle)
+        return conn
 
     def destroy_connection(self):
-        pass
+        self.conn.unbind_s()
 
     def make_user_dn(self, uid):
         """
diff --git a/ipaserver/plugins/b_ra.py b/ipaserver/plugins/b_ra.py
index e6a9b63f4..f0363bf15 100644
--- a/ipaserver/plugins/b_ra.py
+++ b/ipaserver/plugins/b_ra.py
@@ -338,7 +338,7 @@ class ra(Backend):
 
     def __get_ca_chain(self):
         headers = {"Content-type": "application/x-www-form-urlencoded"}
-        conn = httplib.HTTPConnection(self.ca_host+":"+self.ca_port)
+        conn = httplib.HTTPConnection(self.ca_host, self.ca_port)
         conn.request("POST", "/ca/ee/ca/getCertChain", None, headers)
         response = conn.getresponse()
         api.log.debug("IPA-RA: response.status: %d  response.reason: '%s'" % (response.status, response.reason))
diff --git a/ipaserver/rpcserver.py b/ipaserver/rpcserver.py
index 9616e481d..cb0a464cc 100644
--- a/ipaserver/rpcserver.py
+++ b/ipaserver/rpcserver.py
@@ -46,11 +46,12 @@ class xmlserver(Executioner):
     Also see the `ipalib.rpc.xmlclient` plugin.
     """
 
-    def marshaled_dispatch(self, data):
+    def marshaled_dispatch(self, data, ccache):
         """
         Execute the XML-RPC request in contained in ``data``.
         """
         try:
+            self.create_context(ccache=ccache)
             (params, name) = xml_loads(data)
             (args, options) = params_2_args_options(params)
             response = (self.execute(name, *args, **options),)
diff --git a/ipaserver/servercore.py b/ipaserver/servercore.py
index 362013401..19adb019f 100644
--- a/ipaserver/servercore.py
+++ b/ipaserver/servercore.py
@@ -20,7 +20,7 @@
 import ldap
 import string
 import re
-from ipaserver.context import context
+from ipalib.request import context
 from ipaserver import ipaldap
 import ipautil
 from ipalib import errors
@@ -86,7 +86,7 @@ def get_entry (base, scope, searchfilter, sattrs=None):
     """
     ent=""
 
-    ent = context.conn.getConn().getEntry(base, scope, searchfilter, sattrs)
+    ent = context.ldap.conn.getEntry(base, scope, searchfilter, sattrs)
 
     return convert_entry(ent)
 
@@ -117,7 +117,7 @@ def get_list (base, searchfilter, sattrs=None, scope=ldap.SCOPE_SUBTREE):
     """
     entries = []
 
-    entries = context.conn.getConn().getList(base, scope, searchfilter, sattrs)
+    entries = context.ldap.conn.getList(base, scope, searchfilter, sattrs)
 
     return map(convert_entry, entries)
 
@@ -252,22 +252,22 @@ def update_entry (entry, remove_keys=[]):
         # FIXME: return a missing DN error message
         raise e
 
-    return context.conn.getConn().updateEntry(moddn, oldentry, newentry)
+    return context.ldap.conn.updateEntry(moddn, oldentry, newentry)
 
 def add_entry(entry):
     """Add a new entry"""
-    return context.conn.getConn().addEntry(entry)
+    return context.ldap.conn.addEntry(entry)
 
 def delete_entry(dn):
     """Remove an entry"""
-    return context.conn.getConn().deleteEntry(dn)
+    return context.ldap.conn.deleteEntry(dn)
 
 # FIXME, get time and search limit from cn=ipaconfig
 def search(base, filter, attributes, timelimit=1, sizelimit=3000):
     """Perform an LDAP query"""
     try:
         timelimit = float(timelimit)
-        results = context.conn.getConn().getListAsync(base, ldap.SCOPE_SUBTREE,
+        results = context.ldap.conn.getListAsync(base, ldap.SCOPE_SUBTREE,
             filter, attributes, 0, None, None, timelimit, sizelimit)
     except ldap.NO_SUCH_OBJECT:
         raise errors.NotFound
@@ -322,7 +322,7 @@ def get_ipa_config():
     return config
 
 def modify_password(dn, oldpass, newpass):
-    return context.conn.getConn().modifyPassword(dn, oldpass, newpass)
+    return context.ldap.conn.modifyPassword(dn, oldpass, newpass)
 
 def mark_entry_active (dn):
     """Mark an entry as active in LDAP."""
diff --git a/lite-xmlrpc.py b/lite-xmlrpc.py
index 811fe21c8..d755dfa3f 100755
--- a/lite-xmlrpc.py
+++ b/lite-xmlrpc.py
@@ -25,11 +25,9 @@ In-tree XML-RPC server using SimpleXMLRPCServer.
 
 import sys
 from SimpleXMLRPCServer import SimpleXMLRPCServer
+import krbV
 from ipalib import api
 
-api.bootstrap_with_global_options(context='server')
-api.finalize()
-
 
 class Instance(object):
     """
@@ -52,13 +50,22 @@ class Server(SimpleXMLRPCServer):
         """
         Use `ipaserver.rpcserver.xmlserver.marshaled_dispatch()`.
         """
-        return api.Backend.xmlserver.marshaled_dispatch(data)
+        try:
+            ccache=krbV.default_context().default_ccache().name
+            return api.Backend.xmlserver.marshaled_dispatch(data, ccache)
+        except Exception, e:
+            api.log.exception('Error caught by lite-xmlrpc.py...')
+            raise e
 
 
+api.bootstrap_with_global_options(context='server')
+api.finalize()
+
 kw = dict(logRequests=False)
 if sys.version_info[:2] != (2, 4):
     kw.update(dict(encoding='UTF-8', allow_none=True))
 server = Server(('', api.env.lite_xmlrpc_port), **kw)
+
 api.log.info('Logging to file %r', api.env.log)
 api.log.info('Listening on port %d', api.env.lite_xmlrpc_port)
 server.register_introspection_functions()