| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The server can be now configured using a new parameter called
"server_url".
Setting server_url to "http://0.0.0.0:80/" will make the server listen
on TCP port 80, while setting it to "http+unix://%2fsocket" will make
the server listen on the unix socket named "/socket".
The backwards compatible "server_socket" is retained and used if no
server_url is provided.
The request dict has a new field "client_id" that contains either a
PID or a peer name. In the future the field can be augmented with a
TLS client cert DN or other similar identifier.
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Christian Heimes <cheimes@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Christian Heimes <cheimes@redhat.com>
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Authenticators will not signal anymore validity by adding a request
attributes.
Instead they can return on of three values:
- True, indicates positive authentication
- False, indicate explicit failure
- None, inicates neither success nor failure, not applicable
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a very simple implementation of a prototype API.
Anyone that has access to the server and causes an authentication
plugin to set the 'remote_user' value in the request, can retrieve
and store secrets,
Secrets are namespaced to the user requsteing them, so sharing secrets
between multiple users is not possible.
Secrets must to be of type "simple" and can only have one value.
The value can be anything that can be reprsented in json format.
It is recommended to pass a base64 encoded value.
|
|
|
This required the renaming of the http directory to avoid clashes with the
python3 own http/server module.
|
