diff options
| author | Ziad Sawalha <github@highbridgellc.com> | 2011-04-28 19:47:21 -0700 |
|---|---|---|
| committer | Ziad Sawalha <github@highbridgellc.com> | 2011-04-28 19:47:21 -0700 |
| commit | 0ed0eaaa348e6e785ee220b0e43042be127d22d0 (patch) | |
| tree | e9f3a436729156579fccaeccec89b73026f79255 /echo | |
| parent | b42d40a726868be543e877706958a0921d4dcd93 (diff) | |
Basic Auth support
Diffstat (limited to 'echo')
| -rw-r--r-- | echo/echo/echo.py | 22 | ||||
| -rw-r--r-- | echo/echo/echo_basic.ini | 36 |
2 files changed, 52 insertions, 6 deletions
diff --git a/echo/echo/echo.py b/echo/echo/echo.py index ee950b37..85e3364b 100644 --- a/echo/echo/echo.py +++ b/echo/echo/echo.py @@ -97,23 +97,33 @@ def app_factory(global_conf, **local_conf): return EchoApp if __name__ == "__main__": - remote_auth = False + parameter = '' if len(sys.argv) > 1: - remote_auth = sys.argv[1] == '--remote' + parameter = sys.argv[1] - if remote_auth: + if parameter == '--remote': # running auth remotely - print "Running for use with remote auth" + print "Running with remote Token Auth" app = loadapp("config:" + \ os.path.join(os.path.abspath(os.path.dirname(__file__)), "echo_remote.ini"), global_conf={"log_name": "echo.log"}) wsgi.server(eventlet.listen(('', 8100)), app) + elif parameter == '--basic': + # running auth remotely + print "Running for use with Basic Auth" + + app = loadapp("config:" + \ + os.path.join(os.path.abspath(os.path.dirname(__file__)), + "echo_basic.ini"), global_conf={"log_name": "echo.log"}) + + wsgi.server(eventlet.listen(('', 8090)), app) else: - print "Running all components locally." - print "Use --remote option to run with remote auth proxy" + print "Running with local Token Auth" + print " Use --remote option to run with remote token auth proxy" + print " Use --basic option to run with basic auth" app = loadapp("config:" + \ os.path.join(os.path.abspath(os.path.dirname(__file__)), "echo.ini"), global_conf={"log_name": "echo.log"}) diff --git a/echo/echo/echo_basic.ini b/echo/echo/echo_basic.ini new file mode 100644 index 00000000..38da0c66 --- /dev/null +++ b/echo/echo/echo_basic.ini @@ -0,0 +1,36 @@ +[DEFAULT] +;delegated means we still allow unauthenticated requests through so the +;service can make the final decision on authentication +delay_auth_decision = 0 + +;where to find the OpenStack service (if not in local WSGI chain) +service_protocol = http +service_host = 127.0.0.1 +service_port = 8090 +;used to verify this component with the OpenStack service (or PAPIAuth) +service_pass = dTpw + + +[app:echo] +paste.app_factory = echo:app_factory + +[pipeline:main] +pipeline = + basicauth + echo + +[filter:tokenauth] +paste.filter_factory = keystone:tokenauth_factory +;where to find the token auth service +auth_host = 127.0.0.1 +auth_port = 8080 +auth_protocol = http +;how to authenticate to the auth service for priviledged operations +;like validate token +admin_token = 999888777666 + +[filter:basicauth] +paste.filter_factory = keystone:basicauth_factory + +[filter:openidauth] +paste.filter_factory = keystone:openidauth_factory |