From 0ed0eaaa348e6e785ee220b0e43042be127d22d0 Mon Sep 17 00:00:00 2001
From: Ziad Sawalha <github@highbridgellc.com>
Date: Thu, 28 Apr 2011 19:47:21 -0700
Subject: Basic Auth support

---
 echo/echo/echo.py        | 22 ++++++++++++++++------
 echo/echo/echo_basic.ini | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 52 insertions(+), 6 deletions(-)
 create mode 100644 echo/echo/echo_basic.ini

(limited to 'echo')

diff --git a/echo/echo/echo.py b/echo/echo/echo.py
index ee950b37..85e3364b 100644
--- a/echo/echo/echo.py
+++ b/echo/echo/echo.py
@@ -97,23 +97,33 @@ def app_factory(global_conf, **local_conf):
     return EchoApp
 
 if __name__ == "__main__":
-    remote_auth = False
+    parameter = ''
     if len(sys.argv) > 1:
-        remote_auth = sys.argv[1] == '--remote'
+        parameter = sys.argv[1]
 
-    if remote_auth:
+    if parameter == '--remote':
         # running auth remotely
-        print "Running for use with remote auth"
+        print "Running with remote Token Auth"
 
         app = loadapp("config:" + \
             os.path.join(os.path.abspath(os.path.dirname(__file__)),
             "echo_remote.ini"), global_conf={"log_name": "echo.log"})
 
         wsgi.server(eventlet.listen(('', 8100)), app)
+    elif parameter == '--basic':
+        # running auth remotely
+        print "Running for use with Basic Auth"
+
+        app = loadapp("config:" + \
+            os.path.join(os.path.abspath(os.path.dirname(__file__)),
+            "echo_basic.ini"), global_conf={"log_name": "echo.log"})
+
+        wsgi.server(eventlet.listen(('', 8090)), app)
 
     else:
-        print "Running all components locally."
-        print "Use --remote option to run with remote auth proxy"
+        print "Running with local Token Auth"
+        print "   Use --remote option to run with remote token auth proxy"
+        print "   Use --basic option to run with basic auth"
         app = loadapp("config:" + \
             os.path.join(os.path.abspath(os.path.dirname(__file__)),
             "echo.ini"), global_conf={"log_name": "echo.log"})
diff --git a/echo/echo/echo_basic.ini b/echo/echo/echo_basic.ini
new file mode 100644
index 00000000..38da0c66
--- /dev/null
+++ b/echo/echo/echo_basic.ini
@@ -0,0 +1,36 @@
+[DEFAULT]
+;delegated means we still allow unauthenticated requests through so the
+;service can make the final decision on authentication
+delay_auth_decision = 0
+
+;where to find the OpenStack service (if not in local WSGI chain)
+service_protocol = http
+service_host = 127.0.0.1
+service_port = 8090
+;used to verify this component with the OpenStack service (or PAPIAuth)
+service_pass = dTpw
+
+
+[app:echo]
+paste.app_factory = echo:app_factory
+
+[pipeline:main]
+pipeline =
+    basicauth
+    echo
+
+[filter:tokenauth]
+paste.filter_factory = keystone:tokenauth_factory
+;where to find the token auth service
+auth_host = 127.0.0.1
+auth_port = 8080
+auth_protocol = http
+;how to authenticate to the auth service for priviledged operations
+;like validate token
+admin_token = 999888777666
+
+[filter:basicauth]
+paste.filter_factory = keystone:basicauth_factory
+
+[filter:openidauth]
+paste.filter_factory = keystone:openidauth_factory
-- 
cgit