Recent changes in how self.user is populated broke krb based auth.
Explicitly check the remote user in the module to fix it.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
from ipsilon.login.common import FACILITY
from ipsilon.util.plugin import PluginObject
from ipsilon.util.trans import Transaction
from ipsilon.login.common import FACILITY
from ipsilon.util.plugin import PluginObject
from ipsilon.util.trans import Transaction
+from ipsilon.util.user import UserSession
from string import Template
import cherrypy
import os
from string import Template
import cherrypy
import os
trans = Transaction('login', **kwargs)
# If we can get here, we must be authenticated and remote_user
# was set. Check the session has a user set already or error.
trans = Transaction('login', **kwargs)
# If we can get here, we must be authenticated and remote_user
# was set. Check the session has a user set already or error.
- if self.user and self.user.name:
+ us = UserSession()
+ us.remote_login()
+ self.user = us.get_user()
+ if not self.user.is_anonymous:
userdata = {'krb_principal_name': self.user.name}
return self.lm.auth_successful(trans, self.user.name,
'krb', userdata)
userdata = {'krb_principal_name': self.user.name}
return self.lm.auth_successful(trans, self.user.name,
'krb', userdata)