cascardo/ipsilon.git
5 years agoAdd debug logging of lasso library
Simo Sorce [Fri, 11 Apr 2014 20:36:16 +0000 (16:36 -0400)]
Add debug logging of lasso library

If debug is enabled make lasso spit debug messages to stderr too, to aid
admins in resolving issues related to saml2 issues, like finding out why
a metadata file may be rejected.

This is very simple for now, a future enhancement may involve piping the
logs into a calss so they can be spat out as feedback to users.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoReturn Idps metadata file on request
Simo Sorce [Mon, 7 Apr 2014 22:41:12 +0000 (18:41 -0400)]
Return Idps metadata file on request

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix generation of endopint URLs
Simo Sorce [Mon, 7 Apr 2014 22:28:41 +0000 (18:28 -0400)]
Fix generation of endopint URLs

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoChange provider plugins registration and enablement
Simo Sorce [Mon, 7 Apr 2014 20:49:06 +0000 (16:49 -0400)]
Change provider plugins registration and enablement

When plugins are not enabled at startup the admin page is not available
as it is created only on enablement.

Split enablement and registration, so plugins can be registered even
when actually disabled.

Also rework the way enablement is tracked and make sure enablement status
is saved back to the database when it changes so it is kept on restarts.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd explicit error for Unknown Providers
Simo Sorce [Fri, 11 Apr 2014 21:24:46 +0000 (17:24 -0400)]
Add explicit error for Unknown Providers

This way the user will get a slightly more meaningful error message.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoProperly support rename operation
Simo Sorce [Fri, 4 Apr 2014 22:01:19 +0000 (18:01 -0400)]
Properly support rename operation

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdmin functions to delete Service Providers
Simo Sorce [Fri, 4 Apr 2014 17:19:51 +0000 (13:19 -0400)]
Admin functions to delete Service Providers

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd infrastructure to delete plugin data by id
Simo Sorce [Fri, 4 Apr 2014 17:26:02 +0000 (13:26 -0400)]
Add infrastructure to delete plugin data by id

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdmin functions to add new Service Providers
Simo Sorce [Fri, 4 Apr 2014 17:08:02 +0000 (13:08 -0400)]
Admin functions to add new Service Providers

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdmin classes to change SP properties
Simo Sorce [Fri, 4 Apr 2014 17:07:19 +0000 (13:07 -0400)]
Admin classes to change SP properties

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoProviders can save properties back to the database
Simo Sorce [Thu, 3 Apr 2014 19:42:35 +0000 (15:42 -0400)]
Providers can save properties back to the database

This way a provider class can be used in admin pages as well and remain
consistent.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd Service and Identity Provider abstraction
Simo Sorce [Thu, 3 Apr 2014 19:42:35 +0000 (15:42 -0400)]
Add Service and Identity Provider abstraction

This commit adds:
- helper functions to create new providers
- separate IdentityProvider class to represent the IDP.

Database changes:
The saml2 plugin database now contain the metadata file contents and does not
rely anymore on on-disk data.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd racefree way to add a new unique data point
Simo Sorce [Fri, 4 Apr 2014 14:34:21 +0000 (10:34 -0400)]
Add racefree way to add a new unique data point

Our schema gathers together data related to a service by using an ID
column. This column cannot be unique or a primary key as the ID is
repeated for each key/value pair in the datum group.

Use a unique identifier to make sure we can let dqlite generate a new
ID internally and then find out wat it is as race-free as possible.

We keep this method in the data module so it can be changed later
without affecting application logic.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoNo need to have a separate certificate file
Simo Sorce [Thu, 3 Apr 2014 21:10:18 +0000 (17:10 -0400)]
No need to have a separate certificate file

Certificates are already contained in the metadata.xml file

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoSaml2 initial admin page
Simo Sorce [Thu, 27 Mar 2014 16:57:19 +0000 (12:57 -0400)]
Saml2 initial admin page

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd generic support for IdP plugin admin pages
Simo Sorce [Thu, 27 Mar 2014 16:56:28 +0000 (12:56 -0400)]
Add generic support for IdP plugin admin pages

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoBasic Identity providers plugin configuration
Simo Sorce [Wed, 26 Mar 2014 19:20:16 +0000 (15:20 -0400)]
Basic Identity providers plugin configuration

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoRefactor provider plugins enablement
Simo Sorce [Thu, 27 Mar 2014 15:56:34 +0000 (11:56 -0400)]
Refactor provider plugins enablement

This allow to enable/disable Identity Providers directly from the
configuration interface.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoRefactor login plugin enablement code
Simo Sorce [Wed, 26 Mar 2014 21:31:19 +0000 (17:31 -0400)]
Refactor login plugin enablement code

This allows us to finally implement the plugin enable/disable configuration
buttons and enable/disable plugins on the fly.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAutomatically build configuration page menu
Simo Sorce [Wed, 26 Mar 2014 19:44:26 +0000 (15:44 -0400)]
Automatically build configuration page menu

Do not hardcode it, rather build it out of the pages tree.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd common way to add a subtree to a page
Simo Sorce [Fri, 28 Mar 2014 18:07:11 +0000 (14:07 -0400)]
Add common way to add a subtree to a page

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoMove login plugin configuration to its own module
Simo Sorce [Mon, 24 Mar 2014 20:59:41 +0000 (16:59 -0400)]
Move login plugin configuration to its own module

move also the template, in preparation for handling other configuration
data in the main page.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoMove admin_protect to a more generic module
Simo Sorce [Mon, 24 Mar 2014 21:06:05 +0000 (17:06 -0400)]
Move admin_protect to a more generic module

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoImplement plugin ordering configuration
Simo Sorce [Mon, 24 Mar 2014 20:37:15 +0000 (16:37 -0400)]
Implement plugin ordering configuration

Allows to change the login plugins order from the admin configuration page.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd a default admin user at install time
Simo Sorce [Thu, 20 Mar 2014 21:54:35 +0000 (17:54 -0400)]
Add a default admin user at install time

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd way to save user preferences
Simo Sorce [Thu, 20 Mar 2014 21:54:18 +0000 (17:54 -0400)]
Add way to save user preferences

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd install script and other spec file changes
Simo Sorce [Thu, 20 Mar 2014 15:36:10 +0000 (11:36 -0400)]
Add install script and other spec file changes

Add install script
Change server name to drop .py suffix
Add necessary requires

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd PAM configuration code
Simo Sorce [Thu, 20 Mar 2014 20:46:18 +0000 (16:46 -0400)]
Add PAM configuration code

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd Krb configuration code
Simo Sorce [Thu, 20 Mar 2014 16:45:21 +0000 (12:45 -0400)]
Add Krb configuration code

5 years agoAdd way to add data to the global login config
Simo Sorce [Thu, 20 Mar 2014 17:21:55 +0000 (13:21 -0400)]
Add way to add data to the global login config

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd saml2 configuration code
Simo Sorce [Tue, 18 Mar 2014 21:16:18 +0000 (17:16 -0400)]
Add saml2 configuration code

Creates the storage directory if not availble
Generates new IDP certificate
Generate metadata file
Fixups permissions

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd functions to wipe and save plugin config data
Simo Sorce [Wed, 19 Mar 2014 22:41:56 +0000 (18:41 -0400)]
Add functions to wipe and save plugin config data

This way all is needed is to instantiate a proper PluginObject from
any provider and just call its functions

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoSaml2 Metadata generator class
Simo Sorce [Tue, 18 Mar 2014 18:44:05 +0000 (14:44 -0400)]
Saml2 Metadata generator class

This class generates metadata files for IDP and SP services and is meant
to be used at install/configure time.
It uses the certs module to generate certificates.

With tests!

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoSimple certificate generator class
Simo Sorce [Tue, 18 Mar 2014 18:43:04 +0000 (14:43 -0400)]
Simple certificate generator class

For now just generates self-signed certificates.
In future this calss should connect to a CA, or other service like
certmnger's getcert to retrieve a certificate from a CA.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd user configuration option
Simo Sorce [Wed, 19 Mar 2014 20:30:53 +0000 (16:30 -0400)]
Add user configuration option

This allow to specifify what system user should be used to configure
the ipsilon server to run as.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd hostname configuration option
Simo Sorce [Tue, 18 Mar 2014 21:18:53 +0000 (17:18 -0400)]
Add hostname configuration option

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoSilence cherrypy logging to the screen
Simo Sorce [Tue, 18 Mar 2014 22:50:59 +0000 (18:50 -0400)]
Silence cherrypy logging to the screen

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoInstall default configuration files
Simo Sorce [Thu, 20 Mar 2014 16:16:52 +0000 (12:16 -0400)]
Install default configuration files

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd logging and install/uninstall targets
Simo Sorce [Tue, 18 Mar 2014 21:13:28 +0000 (17:13 -0400)]
Add logging and install/uninstall targets

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd server-install plugin configuration support
Simo Sorce [Fri, 14 Mar 2014 22:08:49 +0000 (18:08 -0400)]
Add server-install plugin configuration support

Automatically find plugins installed in the system and exposes their
installation and configuration functions through the installer.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFirst install script commit
Simo Sorce [Fri, 14 Mar 2014 20:55:29 +0000 (16:55 -0400)]
First install script commit

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix minor syntax issues in saml2 provider
Simo Sorce [Wed, 19 Mar 2014 21:08:51 +0000 (17:08 -0400)]
Fix minor syntax issues in saml2 provider

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoRemove unused import and fix syntax
Simo Sorce [Wed, 19 Mar 2014 21:05:04 +0000 (17:05 -0400)]
Remove unused import and fix syntax

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd sample spec file
Simo Sorce [Fri, 7 Mar 2014 21:13:53 +0000 (16:13 -0500)]
Add sample spec file

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix default and example paths
Simo Sorce [Thu, 13 Mar 2014 20:43:18 +0000 (16:43 -0400)]
Fix default and example paths

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix install of data files.
Simo Sorce [Fri, 7 Mar 2014 21:21:56 +0000 (16:21 -0500)]
Fix install of data files.

Move doc and examples under appropriate directory.
Crate data directry for templates and ui static files.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoBetter handling of configuration file
Simo Sorce [Thu, 13 Mar 2014 20:05:46 +0000 (16:05 -0400)]
Better handling of configuration file

allow to pass it on the command line or to look for it in well known
locations.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoImprove exceptions for saml2 providers
Simo Sorce [Mon, 3 Mar 2014 00:03:38 +0000 (19:03 -0500)]
Improve exceptions for saml2 providers

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd ability to strip domain/realm per provider
Simo Sorce [Sun, 2 Mar 2014 23:32:06 +0000 (18:32 -0500)]
Add ability to strip domain/realm per provider

This allows to return (hopefully) the same name whether the user
authenticated via ESSO or form based authentication.

Crude for now, may be augmented with some regex configuration in the future.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoUnsplit checking functions
Simo Sorce [Sun, 2 Mar 2014 23:29:15 +0000 (18:29 -0500)]
Unsplit checking functions

Easier to deal with stuff if they are a single validation function.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd a way to return the email address of the user
Simo Sorce [Sun, 2 Mar 2014 23:09:27 +0000 (18:09 -0500)]
Add a way to return the email address of the user

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd way to return Kerberos nameid if available
Simo Sorce [Fri, 28 Feb 2014 21:16:25 +0000 (16:16 -0500)]
Add way to return Kerberos nameid if available

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd way to save user data after login
Simo Sorce [Sun, 2 Mar 2014 23:06:44 +0000 (18:06 -0500)]
Add way to save user data after login

The login manager that successfully authenticated the user can now
pass data to be stored in the user facility of the session.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoCreate a user facility in the session
Simo Sorce [Sun, 2 Mar 2014 22:59:14 +0000 (17:59 -0500)]
Create a user facility in the session

This way all identification data about the user can be managed in
a single place and be erased/replaced at login time.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoCheck the NameID policy during authentication
Simo Sorce [Thu, 27 Feb 2014 02:50:33 +0000 (21:50 -0500)]
Check the NameID policy during authentication

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd Service Provider class
Simo Sorce [Wed, 26 Feb 2014 23:42:09 +0000 (18:42 -0500)]
Add Service Provider class

This class allows to represent a service provider and its associated policy

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd authentication exception support
Simo Sorce [Tue, 25 Feb 2014 02:43:12 +0000 (21:43 -0500)]
Add authentication exception support

This also add code to return an error code to the SP.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoInitial SAML2 provider
Simo Sorce [Sun, 23 Feb 2014 23:41:13 +0000 (18:41 -0500)]
Initial SAML2 provider

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd way to tell if the session is anonymous
Simo Sorce [Sun, 23 Feb 2014 23:35:59 +0000 (18:35 -0500)]
Add way to tell if the session is anonymous

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd provider plugins loader
Simo Sorce [Fri, 24 Jan 2014 19:41:11 +0000 (14:41 -0500)]
Add provider plugins loader

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoUse cherrypy handlers to render error pages
Simo Sorce [Mon, 24 Feb 2014 23:34:17 +0000 (18:34 -0500)]
Use cherrypy handlers to render error pages

Replaces custom code to render 401 Unauthorized page as well as
adds 400 and 500 handlers

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoBetter session management at login
Simo Sorce [Sun, 23 Feb 2014 23:39:35 +0000 (18:39 -0500)]
Better session management at login

Save data bout the prformed authentication
Do not destroy the whole session at login, providers may need to store
data before the user is authenticate and retrieve it later if
authentication ws successful.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoImprove handing of session data
Simo Sorce [Sun, 23 Feb 2014 23:36:40 +0000 (18:36 -0500)]
Improve handing of session data

Add functions to store data in an organized way so that multiple plugins
can store data w/o stomping on each other.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd _debug facility to the Page class
Simo Sorce [Tue, 25 Feb 2014 00:58:10 +0000 (19:58 -0500)]
Add _debug facility to the Page class

Use this instead of th misleading "_log" name. These really are just
debugging statements not normal logging.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoMove default template arguments to its own function
Simo Sorce [Tue, 18 Feb 2014 20:08:12 +0000 (15:08 -0500)]
Move default template arguments to its own function

This way it is clearer what the defaults are, plus subclasses can
override the defaults if they so choose.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoLog available login managers
Simo Sorce [Tue, 18 Feb 2014 06:51:03 +0000 (01:51 -0500)]
Log available login managers

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix master-admin template upper left corner href
Simo Sorce [Tue, 18 Feb 2014 20:17:35 +0000 (15:17 -0500)]
Fix master-admin template upper left corner href

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd initial design document
Simo Sorce [Wed, 22 Jan 2014 23:34:59 +0000 (18:34 -0500)]
Add initial design document

For now, very high level direction of the project and intended high level
architecture.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoApply patternfly to administration pages
Petr Vobornik [Tue, 11 Feb 2014 16:36:37 +0000 (17:36 +0100)]
Apply patternfly to administration pages

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoInitialize plugins in order defined in DB
Petr Vobornik [Mon, 27 Jan 2014 17:10:20 +0000 (18:10 +0100)]
Initialize plugins in order defined in DB

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoKrb page
Petr Vobornik [Mon, 27 Jan 2014 17:09:30 +0000 (18:09 +0100)]
Krb page

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoPAM page
Petr Vobornik [Tue, 28 Jan 2014 12:10:19 +0000 (13:10 +0100)]
PAM page

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoLogin root page
Petr Vobornik [Tue, 28 Jan 2014 12:10:06 +0000 (13:10 +0100)]
Login root page

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoUnauthorized page
Petr Vobornik [Mon, 27 Jan 2014 17:07:33 +0000 (18:07 +0100)]
Unauthorized page

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoRoot pages
Petr Vobornik [Tue, 28 Jan 2014 12:09:54 +0000 (13:09 +0100)]
Root pages

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoMaster template
Petr Vobornik [Mon, 27 Jan 2014 17:01:40 +0000 (18:01 +0100)]
Master template

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd images
Petr Vobornik [Fri, 24 Jan 2014 15:48:06 +0000 (16:48 +0100)]
Add images

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoRemove old CSS
Petr Vobornik [Mon, 27 Jan 2014 17:16:28 +0000 (18:16 +0100)]
Remove old CSS

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoRegenerate CSS
Petr Vobornik [Mon, 27 Jan 2014 17:16:06 +0000 (18:16 +0100)]
Regenerate CSS

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoMake CSS from LESS
Petr Vobornik [Mon, 27 Jan 2014 17:14:41 +0000 (18:14 +0100)]
Make CSS from LESS

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd own styles
Petr Vobornik [Mon, 27 Jan 2014 17:15:50 +0000 (18:15 +0100)]
Add own styles

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd 3rd party Javascript libraries
Petr Vobornik [Tue, 11 Feb 2014 16:32:14 +0000 (17:32 +0100)]
Add 3rd party Javascript libraries

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd PatternFly files
Petr Vobornik [Mon, 27 Jan 2014 17:15:31 +0000 (18:15 +0100)]
Add PatternFly files

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd Boostrap files
Petr Vobornik [Mon, 27 Jan 2014 17:15:12 +0000 (18:15 +0100)]
Add Boostrap files

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd help text to be shown on form based login page
Simo Sorce [Mon, 27 Jan 2014 21:25:12 +0000 (16:25 -0500)]
Add help text to be shown on form based login page

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd infrastructure to configure server
Simo Sorce [Fri, 24 Jan 2014 19:20:42 +0000 (14:20 -0500)]
Add infrastructure to configure server

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd sample apache configuration
Simo Sorce [Wed, 22 Jan 2014 16:40:57 +0000 (11:40 -0500)]
Add sample apache configuration

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd Kerberos Negotiate auth plugin
Simo Sorce [Mon, 20 Jan 2014 21:14:52 +0000 (16:14 -0500)]
Add Kerberos Negotiate auth plugin

This plugin depends on the proper configuration of mod_auth_kerb

The mod_auth_kerb plugin should be configured with a <Location> directive
like the folowing:

<Location /idp/login/krb/negotiate>
  AuthType Kerberos
  AuthName "Kerberos Login"
  KrbMethodNegotiate on
  KrbMethodK5Passwd off
  KrbServiceName HTTP
  KrbAuthRealms $REALM_NAME
  Krb5KeyTab $KEYTAB_NAME
  KrbSaveCredentials off
  KrbConstrainedDelegation off
  Require valid-user

  ErrorDocument 401 /idp/login/krb/unauthorized
</Location>

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd sample pam based login plugin
Simo Sorce [Fri, 20 Dec 2013 04:33:41 +0000 (23:33 -0500)]
Add sample pam based login plugin

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoImplement login plugin infrastructure
Simo Sorce [Fri, 24 Jan 2014 19:26:15 +0000 (14:26 -0500)]
Implement login plugin infrastructure

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoBetter infrastructure to load plugins
Simo Sorce [Fri, 24 Jan 2014 22:01:35 +0000 (17:01 -0500)]
Better infrastructure to load plugins

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoUse pep8 check
Petr Vobornik [Thu, 23 Jan 2014 17:11:26 +0000 (18:11 +0100)]
Use pep8 check

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoUse pylint check
Petr Vobornik [Thu, 23 Jan 2014 14:51:20 +0000 (15:51 +0100)]
Use pylint check

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoFix Imports
Simo Sorce [Fri, 24 Jan 2014 20:57:28 +0000 (15:57 -0500)]
Fix Imports

Based on patches by Petr Voborni

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd missing packages
Petr Vobornik [Thu, 23 Jan 2014 17:12:06 +0000 (18:12 +0100)]
Add missing packages

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoRename the main executable to idpserver.py
Simo Sorce [Fri, 24 Jan 2014 20:44:04 +0000 (15:44 -0500)]
Rename the main executable to idpserver.py

Based on a patch from Petr Voborni

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix __init__.py filename
Petr Vobornik [Thu, 23 Jan 2014 13:58:45 +0000 (14:58 +0100)]
Fix __init__.py filename

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoRename src package to ipsilon
Simo Sorce [Fri, 24 Jan 2014 20:32:21 +0000 (15:32 -0500)]
Rename src package to ipsilon

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd build to .gitignore
Petr Vobornik [Fri, 24 Jan 2014 16:14:52 +0000 (17:14 +0100)]
Add build to .gitignore

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoMove template and user retrieval to page class
Simo Sorce [Thu, 19 Dec 2013 03:44:25 +0000 (22:44 -0500)]
Move template and user retrieval to page class

Signed-off-by: Simo Sorce <simo@redhat.com>