summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2015-04-22 17:29:25 -0400
committerSimo Sorce <simo@redhat.com>2015-04-27 11:51:24 -0400
commite5a7774427adf44c2100c5535aca569f938e7c2d (patch)
tree5b16d6586a25aeb0f71b21cd8cecd67dd92148d3
parent44f663ac7dc5a6f28b25b083a21f6d9e912cff92 (diff)
downloadipsilon-e5a7774427adf44c2100c5535aca569f938e7c2d.tar.gz
ipsilon-e5a7774427adf44c2100c5535aca569f938e7c2d.tar.xz
ipsilon-e5a7774427adf44c2100c5535aca569f938e7c2d.zip
Populate krb_principal_name from GSS_NAME env var
mod_auth_gssapi provides by default the local name in REMOTE_USER and the full principal in GSS_NAME. Grab a copy of that principal for krb_principal_name. https://fedorahosted.org/ipsilon/ticket/115 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat
-rw-r--r--ipsilon/login/authkrb.py6
1 files changed, 5 insertions, 1 deletions
diff --git a/ipsilon/login/authkrb.py b/ipsilon/login/authkrb.py
index 6fc0c53..dbb531a 100644
--- a/ipsilon/login/authkrb.py
+++ b/ipsilon/login/authkrb.py
@@ -42,7 +42,11 @@ class KrbAuth(LoginPageBase):
us.remote_login()
self.user = us.get_user()
if not self.user.is_anonymous:
- userdata = {'krb_principal_name': self.user.name}
+ principal = cherrypy.request.wsgi_environ.get('GSS_NAME', None)
+ if principal:
+ userdata = {'krb_principal_name': principal}
+ else:
+ userdata = {'krb_principal_name': self.user.name}
return self.lm.auth_successful(trans, self.user.name,
'krb', userdata)
else:
generated by cgit (git 2.34.1) at 2024-04-23 19:52:04 +0000