diff options
| author | Ziad Sawalha <github@highbridgellc.com> | 2011-04-27 23:13:40 -0700 |
|---|---|---|
| committer | Ziad Sawalha <github@highbridgellc.com> | 2011-04-27 23:13:40 -0700 |
| commit | fb12e9a70fef20cb8f0df4220bfb259ca49ca763 (patch) | |
| tree | 2f3a35363577d93e93f255b1c731a0ea7e25c280 | |
| parent | 055aa283d55888a9eafc174c5a7f2a427531fd55 (diff) | |
| download | keystone-fb12e9a70fef20cb8f0df4220bfb259ca49ca763.tar.gz keystone-fb12e9a70fef20cb8f0df4220bfb259ca49ca763.tar.xz keystone-fb12e9a70fef20cb8f0df4220bfb259ca49ca763.zip | |
Restored remoteauth
| -rw-r--r-- | keystone/middleware/remoteauth.py (renamed from keystone/middleware/papiauth.py) | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/keystone/middleware/papiauth.py b/keystone/middleware/remoteauth.py index 0af14bb9..5919abd6 100644 --- a/keystone/middleware/papiauth.py +++ b/keystone/middleware/remoteauth.py @@ -58,7 +58,7 @@ HTTP_X_AUTHORIZATION: the client identity being passed in from webob.exc import HTTPUseProxy, HTTPUnauthorized -class PAPIAuth(object): +class RemoteAuth(object): # app is the downstream WSGI component, usually the OpenStack service # @@ -70,11 +70,11 @@ class PAPIAuth(object): self.app = app self.conf = conf # where to redirect untrusted requests to go and auth - self.proxy_location = conf.get('proxy_location') + self.auth_location = conf.get('auth_location') # secret that will tell us a request is coming from a trusted auth # component - self.auth_pass = conf.get('auth_pass', 'dTpw') - print 'Starting PAPI Auth middleware' + self.remote_auth_pass = conf.get('remote_auth_pass') + print 'Starting Remote Auth middleware' def __call__(self, env, start_response): # Validate the request is trusted @@ -84,12 +84,12 @@ class PAPIAuth(object): return HTTPUnauthorized(headers=headers)(env, start_response) else: auth_type, encoded_creds = env['HTTP_AUTHORIZATION'].split(None, 1) - if encoded_creds != self.auth_pass: + if encoded_creds != self.remote_auth_pass: return HTTPUnauthorized(headers=headers)(env, start_response) # Make sure that the user has been authenticated by the Auth Service if 'HTTP_X_AUTHORIZATION' not in env: - return HTTPUseProxy(location=self.proxy_location)(env, + return HTTPUseProxy(location=self.auth_location)(env, start_response) return self.app(env, start_response) @@ -101,5 +101,5 @@ def filter_factory(global_conf, **local_conf): conf.update(local_conf) def auth_filter(app): - return PAPIAuth(app, conf) + return RemoteAuth(app, conf) return auth_filter |