summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Add support for returning user attributesSimo Sorce2014-09-242-1/+37
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add Info Provider plugin frameworkSimo Sorce2014-09-246-1/+147
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add error log facility to Log utilitySimo Sorce2014-09-241-1/+6
| | | | | | | Also improve debug errors by adding the originating function Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add proper ordering to login plugins config optsSimo Sorce2014-09-243-0/+6
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Allow plugins to determine config options orderSimo Sorce2014-09-242-2/+17
| | | | | | | | Ordering may also be partial, for any option not specified they will be appended in lexycographic order. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Remove service name from the form pluginSimo Sorce2014-09-241-9/+1
| | | | | | | | | When using the external apache modules for form based authentication, the pam service name is set in the apache config files and cannot be dynamically changed, do not offr it as a configuration option. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Use an instance specific session id cookie nameSimo Sorce2014-09-241-0/+1
| | | | | | | Avoids issues if multiple instances are used on the same server Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Confine session to the instanceSimo Sorce2014-09-241-0/+1
| | | | | | | Set session path so that the session is sent only for the specific instance Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Use helper cookie to remember the usernameSimo Sorce2014-09-245-5/+29
| | | | | | | | | This makes the login page a lot more friendy Available only over HTTPS Max age set to 15 days Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Create common form handler pageSimo Sorce2014-09-245-119/+50
| | | | | | | Reduce duplication Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Rename form login pageSimo Sorce2014-09-244-5/+5
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Remove unused option from the FAS login pluginSimo Sorce2014-09-241-10/+0
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Handle the presence of additional form fieldsSimo Sorce2014-09-241-3/+10
| | | | | | | | For exampe hidden fields which must be preserved and POSTed back to the action url. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Cast db value to string before comparisonSimo Sorce2014-09-241-1/+1
| | | | | | | | Avoid false negatives when the sqlite3 db is 'smart' and automatically converts the type to integer. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Allow deferred initialization of providersSimo Sorce2014-09-243-24/+45
| | | | | | | This fixes enabling a provider after the sever is started. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Do not reprovision if conf is already availableSimo Sorce2014-09-241-18/+23
| | | | | | | Also use a more meaningful directory name by default Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Declare admin attributeSimo Sorce2014-09-241-0/+1
| | | | | | | Makes lint happier Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Fix the check for hasattr(., 'admin')Patrick Uiterwijk2014-09-051-1/+0
| | | | | | | Avoid crashing if a provider does not have an admin interface Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Add FAS login pluginSimo Sorce2014-08-272-0/+237
| | | | | | | | | | This plugin simply take a Fedora username and password and authenticates the user against the FAS Server. FAS returned data is saved as userdata in the 'fas' attribute. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Restore ability to run from checkoutSimo Sorce2014-08-272-6/+105
| | | | | | | also adds quickrun.py script to make it easy. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Move user attribute storage into session functionsSimo Sorce2014-08-272-7/+20
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Use new Log class everywhereSimo Sorce2014-08-276-41/+14
| | | | | | | | | Replace copies of _debug function sprinkled all over the code with a single implementation Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com> - Removed replace of self._debug to self.debug
* Add Log class that can be inherited from safelySimo Sorce2014-08-271-0/+20
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Prefer the 'form' login manager in ipa setupsSimo Sorce2014-08-271-3/+3
| | | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk - Replaced "all(lm not in" with "not any(lm in"
* Add External form auth pluginSimo Sorce2014-08-273-2/+192
| | | | | | | This plugin uses mod_intercept_form_submit to perform authentication. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Rework remote_login and remove protect decoratorSimo Sorce2014-08-274-9/+5
| | | | | | | | | | | | The protect decorator was not really being used for anything, remove it. Change the way UserSession's remote_login() works. If called now it either sets a REMOTE_USER (if found) or nukes the current user data in the session. This means this function can be safely called only in a login plugin now. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Change test executables into modulesSimo Sorce2014-06-175-224/+270
| | | | | | | Create a common tests framework and convert tests into modules loaded at runtime using the ipsilon plugin framework. Signed-off-by: Simo Sorce <simo@redhat.com>
* Fix warningSimo Sorce2014-06-171-1/+1
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add tests to source distribution tooSimo Sorce2014-06-172-1/+3
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add project url and maintainer data to setup fileSimo Sorce2014-06-171-0/+3
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Strenghten default Security options in IDPSimo Sorce2014-06-175-5/+14
| | | | | | | | Always deny access to the IDP if not using SSL by default. Always turn on secure/httponly cookies by default. Add a switch to disable all security options for testing. Signed-off-by: Simo Sorce <simo@redhat.com>
* Fix non-'make test' installationSimo Sorce2014-06-171-0/+2
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Move parsing code into helpers moduleSimo Sorce2014-06-153-226/+258
| | | | | | This way common test actions can be easily reused by multiple tests. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add server install option to turn on debuggingSimo Sorce2014-06-063-3/+7
| | | | | | | Use this in the testsuite so we can get meaningful output in the logs when something fails. Signed-off-by: Simo Sorce <simo@redhat.com>
* Print more info about the steps being performedSimo Sorce2014-06-061-0/+3
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Clean up only after package removal, not during upgrades.Jan Pazdziora2014-06-061-2/+5
| | | | | Signed-off-by: Jan Pazdziora <jpazdziora@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Make sure semanage and restorecon are installed when we want to use them.Jan Pazdziora2014-06-061-0/+2
| | | | | | | | | Addressing Installing : ipsilon-0.2.4-3.fc20.x86_64 1/1 /var/tmp/rpm-tmp.pDkQSL: line 1: semanage: command not found Signed-off-by: Jan Pazdziora <jpazdziora@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* If there are some errors while semanaging, we want to see them.Jan Pazdziora2014-06-061-4/+4
| | | | | Signed-off-by: Jan Pazdziora <jpazdziora@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Bump up release to 0.2.5v0.2.5Simo Sorce2014-06-042-3/+3
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add first test, checks client/server installs workSimo Sorce2014-06-043-0/+307
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add support for socket wrappers if availableSimo Sorce2014-06-042-1/+29
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add basic testing infrastructureSimo Sorce2014-06-046-0/+368
| | | | | | | | | | | | | | make test will now run some sanity tests to make sure basic installation procedures work in a sinthetic test environment. Adds: - custom httpd setup for tests - use profiles to driver ipsilon servers and clients installation - starts multiple httpd servers This way we can test interaction between IDP and SP servers Signed-off-by: Simo Sorce <simo@redhat.com>
* Add test login moduleSimo Sorce2014-06-041-0/+154
| | | | | | | This is useful to do automated testing. It accepts authentication as long as the password is 'ipsilon'. Signed-off-by: Simo Sorce <simo@redhat.com>
* Additional parametrization of template filesSimo Sorce2014-06-043-7/+13
| | | | | | To allow for testing in a custom rootdir, and with a custom user. Signed-off-by: Simo Sorce <simo@redhat.com>
* Do not make directory unwritableSimo Sorce2014-06-041-1/+1
| | | | | | | | This does not stop the user, but makes it hard to deal wit the directory in testing. Let file fixing use the default 700 permissions. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add support for passing configuration profileSimo Sorce2014-06-042-0/+75
| | | | | | | | | | | | | | | | | | The new option --config-profile accepts a INI style file, so that installation options are passed in via a file. this is useful for testing and automated installs. This file can have 2 sections: globals, arguments. The globals section can change global variable in the install script like: TEMPLATES, CONFDIR, DATADIR, HTTPDCONFD and so on, so that an installation can use non-standad directories. The argumets section accepts any argument option. The config profile file is parsed after all arguments have parsed and can override any plugin argument. Signed-off-by: Simo Sorce <simo@redhat.com>
* Allow turning off security at install timeSimo Sorce2014-06-043-3/+19
| | | | | | This should be used only for testing purposes Signed-off-by: Simo Sorce <simo@redhat.com>
* Add optional field to allow pasting the metadataSimo Sorce2014-06-042-3/+32
| | | | | | | This way a user can avoid copying the metadata file arund but paste the content straight from a terminal window. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add tooltips to SAML formsSimo Sorce2014-05-293-6/+16
| | | | | | This should make clearer what is expected in each field. Signed-off-by: Simo Sorce <simo@redhat.com>
* Show the Save button only if it usefulSimo Sorce2014-05-291-4/+6
| | | | | | | If the user cannot perform any action there is no reason to show the save button. Signed-off-by: Simo Sorce <simo@redhat.com>
generated by cgit (git 2.34.1) at 2024-06-02 17:25:24 +0000