diff options
| author | Ade Lee <alee@redhat.com> | 2013-05-04 02:47:49 -0400 |
|---|---|---|
| committer | Ade Lee <alee@redhat.com> | 2013-05-04 14:50:39 -0400 |
| commit | 9d00ecc4005ce029525512ab4cdcfe1e26065bfa (patch) | |
| tree | 36477396389e69dfe62e2a9b3f70c821b136e4de /base | |
| parent | 328f0b843ca7ec274ac965839b9a03cd81f6844f (diff) | |
| download | pki-9d00ecc4005ce029525512ab4cdcfe1e26065bfa.tar.gz pki-9d00ecc4005ce029525512ab4cdcfe1e26065bfa.tar.xz pki-9d00ecc4005ce029525512ab4cdcfe1e26065bfa.zip | |
Fix tests in pkispawn to use legacy URLs as fallback
When setting up clones or non-CA subsystems, pkispawn checks if
the security domain is accessible and if the user can log in.
These calls invoke REST URIs, which are not available on older
subsystems. To support these subsystems, we need to attempt the
older legacy servlets if the REST APIs are not available.
Ticket #604
Diffstat (limited to 'base')
| -rw-r--r-- | base/common/python/pki/system.py | 10 | ||||
| -rw-r--r-- | base/server/src/engine/pkiparser.py | 25 |
2 files changed, 32 insertions, 3 deletions
diff --git a/base/common/python/pki/system.py b/base/common/python/pki/system.py index 3c54e0015..5b4caf7f3 100644 --- a/base/common/python/pki/system.py +++ b/base/common/python/pki/system.py @@ -20,6 +20,7 @@ # import pki.encoder as encoder +import xml.etree.ElementTree as ET class SecurityDomainInfo: @@ -40,6 +41,15 @@ class SecurityDomainClient: return info + def getOldSecurityDomainInfo(self): + r = self.connection.get('/admin/ca/getDomainXML') + root = ET.fromstring(r.text) + domaininfo = ET.fromstring(root.find("DomainInfo").text) + info = SecurityDomainInfo() + info.name = domaininfo.find("Name").text + + return info + class ConfigurationRequest: def __init__(self): diff --git a/base/server/src/engine/pkiparser.py b/base/server/src/engine/pkiparser.py index 8918eb8a6..f10706ac6 100644 --- a/base/server/src/engine/pkiparser.py +++ b/base/server/src/engine/pkiparser.py @@ -27,6 +27,7 @@ import ldap import logging import os import random +import requests import string import subprocess import sys @@ -396,7 +397,15 @@ class PKIConfigParser: def sd_get_info(self): sd = pki.system.SecurityDomainClient(self.sd_connection) - return sd.getSecurityDomainInfo() + try: + info = sd.getSecurityDomainInfo() + except requests.exceptions.HTTPError as e: + config.pki_log.info( + "unable to access security domain through REST interface. " +\ + "Trying old interface. " + str(e), + extra=config.PKI_INDENTATION_LEVEL_2) + info = sd.getOldSecurityDomainInfo() + return info def sd_authenticate(self): self.sd_connection.authenticate( @@ -404,8 +413,18 @@ class PKIConfigParser: config.pki_master_dict['pki_security_domain_password']) account = pki.account.AccountClient(self.sd_connection) - account.login() - account.logout() + try: + account.login() + account.logout() + except requests.exceptions.HTTPError as e: + code = e.response.status_code + if code == 404 or code == 501: + config.pki_log.warning( + "unable to validate security domain user/password " +\ + "through REST interface. Interface not available", + extra=config.PKI_INDENTATION_LEVEL_2) + else: + raise def compose_pki_master_dictionary(self): "Create a single master PKI dictionary from the sectional dictionaries" |