diff options
author | Nathan Kinder <nkinder@redhat.com> | 2015-03-14 10:00:51 -0700 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2015-03-18 17:49:43 -0400 |
commit | 7f146bcbe3ae20db27e2daf294c19a40ccd419e6 (patch) | |
tree | a36b960ea52998fd75529569fc5c44146b00988d /ipsilon/install | |
parent | acd6db64e46c8fa5b93c07dc5ff5c5172ddfa4f6 (diff) | |
download | ipsilon-7f146bcbe3ae20db27e2daf294c19a40ccd419e6.tar.gz ipsilon-7f146bcbe3ae20db27e2daf294c19a40ccd419e6.tar.xz ipsilon-7f146bcbe3ae20db27e2daf294c19a40ccd419e6.zip |
Allow SP installation to be on non-standard ports
When setting up a SP using ipsilon-client-install, there is no
ability to use a non-standard port. We should allow a port number
to be specified that results in the proper URLs in the SP metadata.
This patch adds a --port option to ipsilon-client-install. This is
used in the construction of the URLs used in the SP metadata as well
as in the httpd redirect rules if httpd is being configured.
https://fedorahosted.org/ipsilon/ticket/92
Signed-off-by: Nathan Kinder <nkinder@redhat.com>
Reviewed-by: Rob Crittenden <rcritten@redhat.com>
Diffstat (limited to 'ipsilon/install')
-rwxr-xr-x | ipsilon/install/ipsilon-client-install | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/ipsilon/install/ipsilon-client-install b/ipsilon/install/ipsilon-client-install index f7d9883..2390992 100755 --- a/ipsilon/install/ipsilon-client-install +++ b/ipsilon/install/ipsilon-client-install @@ -88,7 +88,12 @@ def saml2(): proto = 'https' if not args['saml_secure_setup']: proto = 'http' - url = '%s://%s' % (proto, args['hostname']) + + port_str = '' + if args['port']: + port_str = ':%s' % args['port'] + + url = '%s://%s%s' % (proto, args['hostname'], port_str) url_sp = url + args['saml_sp'] url_logout = url + args['saml_sp_logout'] url_post = url + args['saml_sp_post'] @@ -126,6 +131,11 @@ def saml2(): saml_secure = 'Off' ssl_require = '#' ssl_rewrite = '#' + if args['port']: + ssl_port = args['port'] + else: + ssl_port = '443' + if args['saml_secure_setup']: saml_secure = 'On' ssl_require = '' @@ -142,7 +152,9 @@ def saml2(): 'saml_auth': saml_auth, 'ssl_require': ssl_require, 'ssl_rewrite': ssl_rewrite, + 'ssl_port': ssl_port, 'sp_hostname': args['hostname'], + 'sp_port': port_str, 'sp': psp} files.write_from_template(SAML2_CONFFILE, SAML2_TEMPLATE, samlopts) @@ -233,6 +245,8 @@ def parse_args(): action='version', version='%(prog)s 0.1') parser.add_argument('--hostname', default=socket.getfqdn(), help="Machine's fully qualified host name") + parser.add_argument('--port', default=None, + help="Port number that SP listens on") parser.add_argument('--admin-user', default='admin', help="Account allowed to create a SP") parser.add_argument('--httpd-user', default='apache', @@ -268,7 +282,10 @@ def parse_args(): args = parse_config_profile(args) if len(args['hostname'].split('.')) < 2: - raise ValueError('Hostname: %s is not a FQDN.') + raise ValueError('Hostname: %s is not a FQDN.' % args['hostname']) + + if args['port'] and not args['port'].isdigit(): + raise ValueError('Port number: %s is not an integer.' % args['port']) # Validate that all path options begin with '/' path_args = ['saml_base', 'saml_auth', 'saml_sp', 'saml_sp_logout', |