diff options
Diffstat (limited to 'funcweb/funcweb/identity/pamprovider.py')
-rw-r--r-- | funcweb/funcweb/identity/pamprovider.py | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/funcweb/funcweb/identity/pamprovider.py b/funcweb/funcweb/identity/pamprovider.py new file mode 100644 index 0000000..9f3ecf6 --- /dev/null +++ b/funcweb/funcweb/identity/pamprovider.py @@ -0,0 +1,55 @@ +# -*- coding: utf-8 -*- +# +# Copyright © 2008 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing to use, modify, +# copy, or redistribute it subject to the terms and conditions of the GNU +# General Public License v.2. This program is distributed in the hope that it +# will be useful, but WITHOUT ANY WARRANTY expressed or implied, including the +# implied warranties of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# See the GNU General Public License for more details. You should have +# received a copy of the GNU General Public License along with this program; if +# not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth +# Floor, Boston, MA 02110-1301, USA. Any Red Hat trademarks that are +# incorporated in the source code or documentation are not subject to the GNU +# General Public License and may only be used or replicated with the express +# permission of Red Hat, Inc. +# +# Author(s): Luke Macken <lmacken@redhat.com> + +import logging + +from model import * +from turbogears.identity.saprovider import * + +log = logging.getLogger(__name__) + +visit_identity_class = None + +class PAMIdentityProvider(SqlAlchemyIdentityProvider): + """ + IdentityProvider that authenticates users against PAM. + """ + def validate_identity(self, user_name, password, visit_key): + if not self.validate_password(user_name, password): + log.warning("Invalid password for %s" % user_name) + return None + + log.info("Login successful for %s" % user_name) + + try: + link = VisitIdentity.by_visit_key(visit_key) + #link.user_id = user.id + log.debug("Found visit!") + except Exception, e: + log.debug("Cannot find visit") + link = VisitIdentity(visit_key=visit_key, user_id=user_name) + print "Exception: %s" % str(e) + + return SqlAlchemyIdentity(visit_key, user) + + def validate_password(self,user_name, password): + import pam + log.debug("Authenticating user '%s' against PAM" % user_name) + assert pam + return pam.authenticate(user_name, password) |