From ee780df13c99a5465cd6df965772260c297a5eb2 Mon Sep 17 00:00:00 2001
From: John Dennis <jdennis@redhat.com>
Date: Sat, 25 Feb 2012 13:39:19 -0500
Subject: Implement password based session login

* Adjust URL's
  - rename /ipa/login -> /ipa/session/login_kerberos
  - add /ipa/session/login_password

* Adjust Kerberos protection on URL's in ipa.conf

* Bump VERSION in httpd ipa.conf to pick up session changes.

* Adjust login URL in ipa.js

* Add InvalidSessionPassword to errors.py

* Rename krblogin class to login_kerberos for consistency with
  new login_password class

* Implement login_password.kinit() method which invokes
  /usr/bin/kinit as a subprocess

* Add login_password class for WSGI dispatch, accepts POST
  application/x-www-form-urlencoded user & password
  parameters. We form the Kerberos principal from the server's
  realm.

* Add function  krb5_unparse_ccache()

* Refactor code to share common code

* Clean up use of ccache names, be consistent

* Replace read_krbccache_file(), store_krbccache_file(), delete_krbccache_file()
  with load_ccache_data(), bind_ipa_ccache(), release_ipa_ccache().
  bind_ipa_ccache() now sets environment KRB5CCNAME variable.
  release_ipa_ccache() now clears environment KRB5CCNAME variable.

* ccache names should now support any ccache storage scheme,
  not just FILE based ccaches

* Add utilies to return HTTP status from wsgi handlers,
  use constants for HTTP status code for consistency.
  Use utilies for returning from wsgi handlers rather than
  duplicated code.

* Add KerberosSession.finalize_kerberos_acquisition() method
  so different login handlers can share common code.

* add Requires: krb5-workstation to server (server now calls kinit)

* Fix test_rpcserver.py to use new dispatch inside route() method

https://fedorahosted.org/freeipa/ticket/2095
---
 tests/test_ipaserver/test_rpcserver.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'tests')

diff --git a/tests/test_ipaserver/test_rpcserver.py b/tests/test_ipaserver/test_rpcserver.py
index e712078d7..15ca9dc08 100644
--- a/tests/test_ipaserver/test_rpcserver.py
+++ b/tests/test_ipaserver/test_rpcserver.py
@@ -100,14 +100,14 @@ class test_session(object):
             )
 
         inst = self.klass()
-        inst.mount(app1, 'foo')
-        inst.mount(app2, 'bar')
+        inst.mount(app1, '/foo/stuff')
+        inst.mount(app2, '/bar')
 
         d = dict(SCRIPT_NAME='/ipa', PATH_INFO='/foo/stuff')
-        assert inst.route(d, None) == ('from 1', ['/ipa/foo', '/stuff'])
+        assert inst.route(d, None) == ('from 1', ['/ipa', '/foo/stuff'])
 
         d = dict(SCRIPT_NAME='/ipa', PATH_INFO='/bar')
-        assert inst.route(d, None) == ('from 2', ['/ipa/bar', ''])
+        assert inst.route(d, None) == ('from 2', ['/ipa', '/bar'])
 
     def test_mount(self):
         def app1(environ, start_response):
-- 
cgit