Require positive authentication in all cases

Provide a SimpleNULLAuth class for people that want to allow unauthenticated access fto specific paths for whatever reason.
author: Simo Sorce <simo@redhat.com> 2015-03-25 13:35:29 -0400
committer: Simo Sorce <simo@redhat.com> 2015-03-25 15:19:33 -0400
commit: 136e1ae76a79ada048a5eb5808b40b8969c7aaf2 (patch)
tree: e2cc86568cd67d239e156ebc04a1a6c7d5e6ee52 /custodia/http/server.py
parent: f134e09fa91fd1e00f538ef3e403ff6a35d21e8e (diff)
download: custodia-136e1ae76a79ada048a5eb5808b40b8969c7aaf2.tar.gz
custodia-136e1ae76a79ada048a5eb5808b40b8969c7aaf2.tar.xz
custodia-136e1ae76a79ada048a5eb5808b40b8969c7aaf2.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/custodia/http/server.py b/custodia/http/server.py
index 5b3ec30..423af9c 100644
--- a/custodia/http/server.py
+++ b/custodia/http/server.py
@@ -61,6 +61,8 @@ class ForkingLocalHTTPServer(ForkingMixIn, UnixStreamServer):
             raise HTTPError(403)
         for auth in authers:
             authers[auth].handle(request)
+        if 'valid_auth' not in request or request['valid_auth'] is not True:
+            raise HTTPError(403)
 
         # Select consumer
         path = request.get('path', '')
author	Simo Sorce <simo@redhat.com>	2015-03-25 13:35:29 -0400
committer	Simo Sorce <simo@redhat.com>	2015-03-25 15:19:33 -0400
commit	136e1ae76a79ada048a5eb5808b40b8969c7aaf2 (patch)
tree	e2cc86568cd67d239e156ebc04a1a6c7d5e6ee52 /custodia/http/server.py
parent	f134e09fa91fd1e00f538ef3e403ff6a35d21e8e (diff)
download	custodia-136e1ae76a79ada048a5eb5808b40b8969c7aaf2.tar.gz custodia-136e1ae76a79ada048a5eb5808b40b8969c7aaf2.tar.xz custodia-136e1ae76a79ada048a5eb5808b40b8969c7aaf2.zip