diff options
Diffstat (limited to 'ipsilon/login/authgssapi.py')
-rw-r--r-- | ipsilon/login/authgssapi.py | 58 |
1 files changed, 29 insertions, 29 deletions
diff --git a/ipsilon/login/authgssapi.py b/ipsilon/login/authgssapi.py index dbb531a..97c3834 100644 --- a/ipsilon/login/authgssapi.py +++ b/ipsilon/login/authgssapi.py @@ -24,7 +24,7 @@ import cherrypy import os -class Krb(LoginPageBase): +class GSSAPI(LoginPageBase): def root(self, *args, **kwargs): # Someone typed manually or a robot is walking th tree. @@ -32,7 +32,7 @@ class Krb(LoginPageBase): return self.lm.redirect_to_path(self.lm.path) -class KrbAuth(LoginPageBase): +class GSSAPIAuth(LoginPageBase): def root(self, *args, **kwargs): trans = self.get_valid_transaction('login', **kwargs) @@ -44,16 +44,16 @@ class KrbAuth(LoginPageBase): if not self.user.is_anonymous: principal = cherrypy.request.wsgi_environ.get('GSS_NAME', None) if principal: - userdata = {'krb_principal_name': principal} + userdata = {'gssapi_principal_name': principal} else: - userdata = {'krb_principal_name': self.user.name} + userdata = {'gssapi_principal_name': self.user.name} return self.lm.auth_successful(trans, self.user.name, - 'krb', userdata) + 'gssapi', userdata) else: return self.lm.auth_failed(trans) -class KrbError(LoginPageBase): +class GSSAPIError(LoginPageBase): def root(self, *args, **kwargs): cherrypy.log.error('REQUEST: %s' % cherrypy.request.headers) @@ -68,8 +68,8 @@ class KrbError(LoginPageBase): return next_login.page.root(*args, **kwargs) conturl = '%s/login' % self.basepath - return self._template('login/krb.html', - title='Kerberos Login', + return self._template('login/gssapi.html', + title='GSSAPI Login', cont=conturl) # If we get here, negotiate failed @@ -81,25 +81,25 @@ class LoginManager(LoginManagerBase): def __init__(self, *args, **kwargs): super(LoginManager, self).__init__(*args, **kwargs) - self.name = 'krb' - self.path = 'krb/negotiate' + self.name = 'gssapi' + self.path = 'gssapi/negotiate' self.page = None self.description = """ -Kerberos Negotiate authentication plugin. Relies on the mod_auth_gssapi +GSSAPI Negotiate authentication plugin. Relies on the mod_auth_gssapi apache plugin for actual authentication. """ self.new_config(self.name) def get_tree(self, site): - self.page = Krb(site, self) - self.page.__dict__['negotiate'] = KrbAuth(site, self) - self.page.__dict__['unauthorized'] = KrbError(site, self) - self.page.__dict__['failed'] = KrbError(site, self) + self.page = GSSAPI(site, self) + self.page.__dict__['negotiate'] = GSSAPIAuth(site, self) + self.page.__dict__['unauthorized'] = GSSAPIError(site, self) + self.page.__dict__['failed'] = GSSAPIError(site, self) return self.page CONF_TEMPLATE = """ -<Location /${instance}/login/krb/negotiate> +<Location /${instance}/login/gssapi/negotiate> AuthType GSSAPI AuthName "GSSAPI Single Sign On Login" $keytab @@ -107,8 +107,8 @@ CONF_TEMPLATE = """ GssapiLocalName on Require valid-user - ErrorDocument 401 /${instance}/login/krb/unauthorized - ErrorDocument 500 /${instance}/login/krb/failed + ErrorDocument 401 /${instance}/login/gssapi/unauthorized + ErrorDocument 500 /${instance}/login/gssapi/failed </Location> """ @@ -117,25 +117,25 @@ class Installer(LoginManagerInstaller): def __init__(self, *pargs): super(Installer, self).__init__() - self.name = 'krb' + self.name = 'gssapi' self.pargs = pargs def install_args(self, group): - group.add_argument('--krb', choices=['yes', 'no'], default='no', - help='Configure Kerberos authentication') - group.add_argument('--krb-httpd-keytab', + group.add_argument('--gssapi', choices=['yes', 'no'], default='no', + help='Configure GSSAPI authentication') + group.add_argument('--gssapi-httpd-keytab', default='/etc/httpd/conf/http.keytab', help='Kerberos keytab location for HTTPD') def configure(self, opts): - if opts['krb'] != 'yes': + if opts['gssapi'] != 'yes': return confopts = {'instance': opts['instance']} - if os.path.exists(opts['krb_httpd_keytab']): + if os.path.exists(opts['gssapi_httpd_keytab']): confopts['keytab'] = 'GssapiCredStore keytab:%s' % ( - opts['krb_httpd_keytab']) + opts['gssapi_httpd_keytab']) else: raise Exception('Keytab not found') @@ -151,14 +151,14 @@ class Installer(LoginManagerInstaller): # Add configuration data to database po = PluginObject(*self.pargs) - po.name = 'krb' + po.name = 'gssapi' po.wipe_data() - # Update global config, put 'krb' always first + # Update global config, put 'gssapi' always first ph = self.pargs[0] ph.refresh_enabled() - if 'krb' not in ph.enabled: + if 'gssapi' not in ph.enabled: enabled = [] enabled.extend(ph.enabled) - enabled.insert(0, 'krb') + enabled.insert(0, 'gssapi') ph.save_enabled(enabled) |