From ed6ab17c9c703edb43c92a3205c5536771ce4d4f Mon Sep 17 00:00:00 2001 From: "rcritten@redhat.com" Date: Tue, 11 Sep 2007 02:48:53 -0400 Subject: Add function to allow user's to set/reset their kerberos password Remove some unused calls to retrieve the current realm --- ipa-server/xmlrpc-server/ipaxmlrpc.py | 1 + 1 file changed, 1 insertion(+) (limited to 'ipa-server/xmlrpc-server/ipaxmlrpc.py') diff --git a/ipa-server/xmlrpc-server/ipaxmlrpc.py b/ipa-server/xmlrpc-server/ipaxmlrpc.py index f2ddd35e..a4ae4e7c 100644 --- a/ipa-server/xmlrpc-server/ipaxmlrpc.py +++ b/ipa-server/xmlrpc-server/ipaxmlrpc.py @@ -308,6 +308,7 @@ def handler(req, profiling=False): h.register_function(f.update_user) h.register_function(f.delete_user) h.register_function(f.mark_user_deleted) + h.register_function(f.modifyPassword) h.register_function(f.get_group_by_cn) h.register_function(f.get_group_by_dn) h.register_function(f.add_group) -- cgit From b85668579ec3fc69c2ed709533f8bd8d00e0e7e9 Mon Sep 17 00:00:00 2001 From: "rcritten@redhat.com" Date: Fri, 14 Sep 2007 17:19:02 -0400 Subject: Use ticket forwarding with TurboGears. mod_proxy forwards the principal name and location of the keytab. In order for this keytab to be usable TurboGears and Apache will need to run as the same user. We will also need to listen only on localhost in TG. --- ipa-server/xmlrpc-server/ipaxmlrpc.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ipa-server/xmlrpc-server/ipaxmlrpc.py') diff --git a/ipa-server/xmlrpc-server/ipaxmlrpc.py b/ipa-server/xmlrpc-server/ipaxmlrpc.py index a4ae4e7c..861de8e5 100644 --- a/ipa-server/xmlrpc-server/ipaxmlrpc.py +++ b/ipa-server/xmlrpc-server/ipaxmlrpc.py @@ -138,7 +138,7 @@ class ModXMLRPCRequestHandler(object): opts['remoteuser'] = req.user if req.subprocess_env.get("KRB5CCNAME") is not None: - opts['keytab'] = req.subprocess_env.get("KRB5CCNAME") + opts['krbccache'] = req.subprocess_env.get("KRB5CCNAME") # Tack onto the end of the passed-in arguments any options we also # need -- cgit