from ipsilon.login.common import LoginPageBase, LoginManagerBase
from ipsilon.login.common import FACILITY
from ipsilon.util.plugin import PluginObject
+from ipsilon.util.user import UserSession
from string import Template
import cherrypy
import os
class KrbAuth(LoginPageBase):
def root(self, *args, **kwargs):
+ trans = self.get_valid_transaction('login', **kwargs)
# If we can get here, we must be authenticated and remote_user
# was set. Check the session has a user set already or error.
- if self.user and self.user.name:
+ us = UserSession()
+ us.remote_login()
+ self.user = us.get_user()
+ if not self.user.is_anonymous:
userdata = {'krb_principal_name': self.user.name}
- return self.lm.auth_successful(self.user.name, 'krb', userdata)
+ return self.lm.auth_successful(trans, self.user.name,
+ 'krb', userdata)
else:
- return self.lm.auth_failed()
+ return self.lm.auth_failed(trans)
class KrbError(LoginPageBase):
cont=conturl)
# If we get here, negotiate failed
- return self.lm.auth_failed()
+ trans = self.get_valid_transaction('login', **kwargs)
+ return self.lm.auth_failed(trans)
class LoginManager(LoginManagerBase):
self.description = """
Kereros Negotiate authentication plugin. Relies on the mod_auth_kerb apache
plugin for actual authentication. """
+ self.new_config(self.name)
def get_tree(self, site):
self.page = Krb(site, self)
order = []
order.insert(0, 'krb')
globalconf['order'] = ','.join(order)
- po.set_config(globalconf)
- po.save_plugin_config(FACILITY)
+ po.save_plugin_config(FACILITY, globalconf)