From a0aebd46a11d7cf9563489520ae4a540e2a63827 Mon Sep 17 00:00:00 2001 From: Jason Gerard DeRose Date: Wed, 28 Jan 2009 16:12:49 -0700 Subject: Got new ldap connection working using Connectible.connect() --- ipalib/backend.py | 4 ++-- ipalib/cli.py | 17 +++++++---------- ipalib/frontend.py | 4 ++-- ipalib/rpc.py | 10 +++++----- ipaserver/plugins/b_ldap.py | 15 ++++++++++----- ipaserver/plugins/b_ra.py | 2 +- ipaserver/rpcserver.py | 3 ++- ipaserver/servercore.py | 16 ++++++++-------- lite-xmlrpc.py | 15 +++++++++++---- 9 files changed, 48 insertions(+), 38 deletions(-) diff --git a/ipalib/backend.py b/ipalib/backend.py index d484c22eb..22aa128b3 100644 --- a/ipalib/backend.py +++ b/ipalib/backend.py @@ -98,9 +98,9 @@ class Executioner(Backend): def create_context(self, ccache=None, client_ip=None): if self.env.in_server: - self.Backend.ldap.connect(ccache=ccache) + self.Backend.ldap.connect(ccache) else: - self.Backend.xmlclient.connect(ccache=ccache) + self.Backend.xmlclient.connect() def execute(self, name, *args, **options): error = None diff --git a/ipalib/cli.py b/ipalib/cli.py index 5d5bdc34f..d0119614b 100644 --- a/ipalib/cli.py +++ b/ipalib/cli.py @@ -406,7 +406,7 @@ class help(frontend.Command): super(help, self).finalize() def run(self, key): - textui = self.Backend.textui + if key is None: self.print_commands() return @@ -529,13 +529,16 @@ class cli(backend.Executioner): if len(argv) == 0: self.Command.help() return + self.create_context() (key, argv) = (argv[0], argv[1:]) - cmd = self.get_command(key) + name = from_cli(key) + if name not in self.Command: + raise CommandError(name=key) + cmd = self.Command[name] kw = self.parse(cmd, argv) if self.env.interactive: self.prompt_interactively(cmd, kw) - self.create_context() - result = cmd(**kw) + result = self.execute(name, **kw) if callable(cmd.output_for_cli): for param in cmd.params(): if param.password and param.name in kw: 
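Review bot: In ipalib/backend.py `create_context()`, the server branch now forwards `ccache` positionally even when it is still the default `None`, and cli.py in this same commit calls `self.create_context()` with no argument. The new `create_connection(ccache)` in b_ldap.py passes that value straight to `krbV.CCache(name=ccache, ...)`. What krbV does with `None` is not visible here, so which credentials the LDAP bind ends up using is left implicit. I would make the requirement explicit, e.g. `if ccache is None: raise ValueError('create_context(): ccache is required when in_server')`, or document the intended fallback in a docstring.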
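Review bot: In ipalib/cli.py `@@ -529,13 +529,16 @@`, `self.create_context()` now runs before the command name is looked up and before `self.parse(cmd, argv)`, so a connection is opened even when the input is then rejected with `CommandError` or a parse error. No teardown is visible on those paths (the method starts and ends outside the hunk), so unless `execute()` or the caller disconnects, the context stays open. I would move the call to just before `result = self.execute(name, **kw)`, or wrap the body in `try`/`finally`.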
@@ -543,12 +546,6 @@ class cli(backend.Executioner): (args, options) = cmd.params_2_args_options(**kw) cmd.output_for_cli(self.api.Backend.textui, result, *args, **options) - def get_command(self, key): - name = from_cli(key) - if name not in self.Command: - raise CommandError(name=key) - return self.Command[name] - def parse(self, cmd, argv): parser = self.build_parser(cmd) (collector, args) = parser.parse_args(argv, Collector()) diff --git a/ipalib/frontend.py b/ipalib/frontend.py index eb7f45d63..fc436a7a9 100644 --- a/ipalib/frontend.py +++ b/ipalib/frontend.py @@ -95,14 +95,14 @@ class Command(plugable.Plugin): XML-RPC and the executed an the nearest IPA server. """ params = self.args_options_2_params(*args, **options) - self.info( + self.debug( 'raw: %s(%s)', self.name, ', '.join(self._repr_iter(**params)) ) params = self.normalize(**params) params = self.convert(**params) params.update(self.get_default(**params)) self.info( - 'processed: %s(%s)', self.name, ', '.join(self._repr_iter(**params)) + '%s(%s)', self.name, ', '.join(self._repr_iter(**params)) ) self.validate(**params) (args, options) = self.params_2_args_options(**params) diff --git a/ipalib/rpc.py b/ipalib/rpc.py index a70b372bd..3d837b5f1 100644 --- a/ipalib/rpc.py +++ b/ipalib/rpc.py @@ -217,11 +217,10 @@ class xmlclient(Connectible): self.__errors = dict((e.errno, e) for e in public_errors) def create_connection(self, ccache=None): - return ServerProxy(self.env.xmlrpc_uri, - #transport=KerbTransport(), - allow_none=True, - encoding='UTF-8', - ) + kw = dict(allow_none=True, encoding='UTF-8') + if self.env.xmlrpc_uri.startswith('https://'): + kw['transport'] = KerbTransport() + return ServerProxy(self.env.xmlrpc_uri, **kw) def destroy_connection(self): pass 
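Review bot: In ipalib/frontend.py, the `Command` method in this hunk still writes the processed parameters at info level through `self._repr_iter(**params)`; the commit only demotes the raw line to debug. cli.py treats `param.password` values as sensitive, but nothing visible here shows that `_repr_iter()` masks them, so password arguments may end up in the log. That is worth confirming and recording next to the call, e.g. `# _repr_iter() must mask password params: this line is logged at info level`. The method starts before the hunk.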
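Review bot: In ipalib/rpc.py `xmlclient.create_connection()`, any `xmlrpc_uri` that does not begin with the exact lowercase string `https://` silently gets a `ServerProxy` without `KerbTransport`, so requests go out with no Kerberos authentication. A typo or an `HTTPS://` spelling in configuration therefore downgrades the client without any signal. I would compare case-insensitively, `if self.env.xmlrpc_uri.lower().startswith('https://'):`, and log the plain-HTTP fallback so it is visible to the operator. The `ccache` argument is accepted but unused in the new body.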
@@ -241,6 +240,7 @@ class xmlclient(Connectible): raise ValueError( '%s.forward(): %r not in api.Command' % (self.name, name) ) + self.info('Forwarding %r to %r', name, self.env.xmlrpc_uri) command = getattr(self.conn, name) params = args + (kw,) try: diff --git a/ipaserver/plugins/b_ldap.py b/ipaserver/plugins/b_ldap.py index 350870392..1160bf9e7 100644 --- a/ipaserver/plugins/b_ldap.py +++ b/ipaserver/plugins/b_ldap.py @@ -28,8 +28,8 @@ import ldap as _ldap from ipalib import api from ipalib import errors from ipalib.crud import CrudBackend -from ipaserver import servercore -from ipaserver import ipaldap +from ipaserver import servercore, ipaldap +import krbV class ldap(CrudBackend): @@ -41,11 +41,16 @@ class ldap(CrudBackend): self.dn = _ldap.dn super(ldap, self).__init__() - def create_connection(self, ccache=None): - return 'The LDAP connection.' + def create_connection(self, ccache): + conn = ipaldap.IPAdmin(self.env.ldap_host, self.env.ldap_port) + principle = krbV.CCache( + name=ccache, context=krbV.default_context() + ).principal().name + conn.set_krbccache(ccache, principle) + return conn def destroy_connection(self): - pass + self.conn.unbind_s() def make_user_dn(self, uid): """ diff --git a/ipaserver/plugins/b_ra.py b/ipaserver/plugins/b_ra.py index e6a9b63f4..f0363bf15 100644 --- a/ipaserver/plugins/b_ra.py +++ b/ipaserver/plugins/b_ra.py @@ -338,7 +338,7 @@ class ra(Backend): def __get_ca_chain(self): headers = {"Content-type": "application/x-www-form-urlencoded"} - conn = httplib.HTTPConnection(self.ca_host+":"+self.ca_port) + conn = httplib.HTTPConnection(self.ca_host, self.ca_port) conn.request("POST", "/ca/ee/ca/getCertChain", None, headers) response = conn.getresponse() api.log.debug("IPA-RA: response.status: %d response.reason: '%s'" % (response.status, response.reason)) diff --git a/ipaserver/rpcserver.py b/ipaserver/rpcserver.py index 9616e481d..cb0a464cc 100644 --- a/ipaserver/rpcserver.py +++ b/ipaserver/rpcserver.py 
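Review bot: In ipaserver/plugins/b_ldap.py `create_connection()`, the `IPAdmin` connection is opened before the credential cache is read, so if `krbV.CCache(...)` or `conn.set_krbccache(...)` raises, the open connection is never unbound. Resolving the principal first and unbinding on a failed `set_krbccache` keeps a bad or missing ccache from leaving connections behind; `unbind_s()` is the call `destroy_connection()` already uses. The local is also spelled `principle` where `principal` is meant.

```python
def create_connection(self, ccache):
    # Read the ccache first: a bad cache should fail before LDAP is contacted.
    principal = krbV.CCache(
        name=ccache, context=krbV.default_context()
    ).principal().name
    conn = ipaldap.IPAdmin(self.env.ldap_host, self.env.ldap_port)
    try:
        conn.set_krbccache(ccache, principal)
    except Exception:
        conn.unbind_s()
        raise
    return conn
```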
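Review bot: In ipaserver/plugins/b_ra.py `__get_ca_chain()`, the CA certificate chain is requested over `httplib.HTTPConnection`, i.e. plain HTTP, and the commit only corrects how host and port are passed. A chain fetched over an unauthenticated channel can be replaced in transit, so whatever consumes it should not treat it as a trust anchor without an independent check. At minimum I would add `# NOTE: fetched over plain HTTP; the chain must be verified before it is trusted` above the connection. The function continues past the hunk, so any later validation is not visible here.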
@@ -46,11 +46,12 @@ class xmlserver(Executioner): Also see the `ipalib.rpc.xmlclient` plugin. """ - def marshaled_dispatch(self, data): + def marshaled_dispatch(self, data, ccache): """ Execute the XML-RPC request in contained in ``data``. """ try: + self.create_context(ccache=ccache) (params, name) = xml_loads(data) (args, options) = params_2_args_options(params) response = (self.execute(name, *args, **options),) diff --git a/ipaserver/servercore.py b/ipaserver/servercore.py index 362013401..19adb019f 100644 --- a/ipaserver/servercore.py +++ b/ipaserver/servercore.py @@ -20,7 +20,7 @@ import ldap import string import re -from ipaserver.context import context +from ipalib.request import context from ipaserver import ipaldap import ipautil from ipalib import errors @@ -86,7 +86,7 @@ def get_entry (base, scope, searchfilter, sattrs=None): """ ent="" - ent = context.conn.getConn().getEntry(base, scope, searchfilter, sattrs) + ent = context.ldap.conn.getEntry(base, scope, searchfilter, sattrs) return convert_entry(ent) @@ -117,7 +117,7 @@ def get_list (base, searchfilter, sattrs=None, scope=ldap.SCOPE_SUBTREE): """ entries = [] - entries = context.conn.getConn().getList(base, scope, searchfilter, sattrs) + entries = context.ldap.conn.getList(base, scope, searchfilter, sattrs) return map(convert_entry, entries) 
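Review bot: In ipaserver/rpcserver.py `marshaled_dispatch()`, `self.create_context(ccache=ccache)` sets up a per-request context from the caller's credential cache, but the lines shown contain no matching teardown. If the rest of the `try` (outside the hunk) has no `finally` that disconnects, a connection bound to one caller's ccache could outlive the request and be reused by the next request handled in the same context. The call also precedes `xml_loads(data)`, so the connection is made before the request is known to be well-formed; I would parse first and create the context afterwards. The new `ccache` parameter also deserves a line in the docstring.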
@@ -252,22 +252,22 @@ def update_entry (entry, remove_keys=[]): # FIXME: return a missing DN error message raise e - return context.conn.getConn().updateEntry(moddn, oldentry, newentry) + return context.ldap.conn.updateEntry(moddn, oldentry, newentry) def add_entry(entry): """Add a new entry""" - return context.conn.getConn().addEntry(entry) + return context.ldap.conn.addEntry(entry) def delete_entry(dn): """Remove an entry""" - return context.conn.getConn().deleteEntry(dn) + return context.ldap.conn.deleteEntry(dn) # FIXME, get time and search limit from cn=ipaconfig def search(base, filter, attributes, timelimit=1, sizelimit=3000): """Perform an LDAP query""" try: timelimit = float(timelimit) - results = context.conn.getConn().getListAsync(base, ldap.SCOPE_SUBTREE, + results = context.ldap.conn.getListAsync(base, ldap.SCOPE_SUBTREE, filter, attributes, 0, None, None, timelimit, sizelimit) except ldap.NO_SUCH_OBJECT: raise errors.NotFound @@ -322,7 +322,7 @@ def get_ipa_config(): return config def modify_password(dn, oldpass, newpass): - return context.conn.getConn().modifyPassword(dn, oldpass, newpass) + return context.ldap.conn.modifyPassword(dn, oldpass, newpass) def mark_entry_active (dn): """Mark an entry as active in LDAP.""" diff --git a/lite-xmlrpc.py b/lite-xmlrpc.py index 811fe21c8..d755dfa3f 100755 --- a/lite-xmlrpc.py +++ b/lite-xmlrpc.py @@ -25,11 +25,9 @@ In-tree XML-RPC server using SimpleXMLRPCServer. import sys from SimpleXMLRPCServer import SimpleXMLRPCServer +import krbV from ipalib import api -api.bootstrap_with_global_options(context='server') -api.finalize() - class Instance(object): """ 
@@ -52,13 +50,22 @@ class Server(SimpleXMLRPCServer): """ Use `ipaserver.rpcserver.xmlserver.marshaled_dispatch()`. """ - return api.Backend.xmlserver.marshaled_dispatch(data) + try: + ccache=krbV.default_context().default_ccache().name + return api.Backend.xmlserver.marshaled_dispatch(data, ccache) + except Exception, e: + api.log.exception('Error caught by lite-xmlrpc.py...') + raise e +api.bootstrap_with_global_options(context='server') +api.finalize() + kw = dict(logRequests=False) if sys.version_info[:2] != (2, 4): kw.update(dict(encoding='UTF-8', allow_none=True)) server = Server(('', api.env.lite_xmlrpc_port), **kw) + api.log.info('Logging to file %r', api.env.log) api.log.info('Listening on port %d', api.env.lite_xmlrpc_port) server.register_introspection_functions() -- cgit
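Review bot: In lite-xmlrpc.py, the dispatch override in `class Server` executes every request with `krbV.default_context().default_ccache()`, the credential cache of whoever started the server, so the caller's identity is never established. The context line `Server(('', api.env.lite_xmlrpc_port), **kw)` binds all interfaces, which makes those credentials usable by anything that can reach the port. For an in-tree development server I would bind loopback, `server = Server(('127.0.0.1', api.env.lite_xmlrpc_port), **kw)`, and state the limitation in the module docstring. `raise e` also discards the original traceback; a bare `raise` keeps it.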