From 6ae1de954f1edf33cd4d13897c35c820e57d39a9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=81ukasz=20Nowak?= <luke@nexedi.com>
Date: Tue, 18 Jan 2011 10:37:00 +0000
Subject: [PATCH]  - add extraction plugin implemlentation which uses
 REMOTE_USER and sets    machine_login, but fallback to default
 DumbHTTPExtractor in case if    no REMOTE_USER is set  - use machine_login
 instead of login, to be synchronised with value    from extraction plugin

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@42407 20353a03-c40f-0410-a6d1-a30d3c3de9de
---
 .../Vifib/VifibMachineAuthenticationPlugin.py | 37 +++++++++++++++----
 1 file changed, 30 insertions(+), 7 deletions(-)

diff --git a/product/Vifib/VifibMachineAuthenticationPlugin.py b/product/Vifib/VifibMachineAuthenticationPlugin.py
index 344f7af89d..70d1fbed48 100644
--- a/product/Vifib/VifibMachineAuthenticationPlugin.py
+++ b/product/Vifib/VifibMachineAuthenticationPlugin.py
@@ -40,6 +40,7 @@ from Products.PluggableAuthService.plugins.BasePlugin import BasePlugin
 from Products.ERP5Type.Cache import transactional_cached
 from Products.ERP5Security.ERP5UserManager import SUPER_USER
 from ZODB.POSException import ConflictError
+from Products.PluggableAuthService.PluggableAuthService import DumbHTTPExtractor
 
 #Form for new plugin in ZMI
 manage_addVifibMachineAuthenticationPluginForm = PageTemplateFile(
@@ -93,24 +94,42 @@ class VifibMachineAuthenticationPlugin(BasePlugin):
   meta_type = "Vifib Machine Authentication Plugin"
   security = ClassSecurityInfo()
 
-  manage_options = (({'label': 'Edit',
-                      'action': 'manage_editVifibMAchineAuthenticationPluginForm',},
-                     )
-                    + BasePlugin.manage_options[:]
-                    )
-
   def __init__(self, id, title=None):
     #Register value
     self._setId(id)
     self.title = title
 
+  ####################################
+  #ILoginPasswordHostExtractionPlugin#
+  ####################################
+  security.declarePrivate('extractCredentials')
+  def extractCredentials(self, request):
+    """ Extract credentials from the request header. """
+    creds = {}
+    getHeader = getattr(request, 'getHeader', None)
+    if getHeader is None:
+      # use get_header instead for Zope-2.8
+      getHeader = request.get_header
+    user_id = getHeader('REMOTE_USER')
+    if user_id is not None:
+      creds['machine_login'] = user_id
+      creds['remote_host'] = request.get('REMOTE_HOST', '')
+      try:
+        creds['remote_address'] = request.getClientAddr()
+      except AttributeError:
+        creds['remote_address'] = request.get('REMOTE_ADDR', '')
+      return creds
+    else:
+      # fallback to default way
+      return DumbHTTPExtractor().extractCredentials(request)
+
   ################################
   #     IAuthenticationPlugin    #
   ################################
   security.declarePrivate('authenticateCredentials')
   def authenticateCredentials(self, credentials):
     """Authentificate with credentials"""
-    login = credentials.get('login', None)
+    login = credentials.get('machine_login', None)
     # Forbidden the usage of the super user.
     if login == SUPER_USER:
       return None
@@ -149,5 +168,9 @@ class VifibMachineAuthenticationPlugin(BasePlugin):
 #List implementation of class
 classImplements(VifibMachineAuthenticationPlugin,
                 plugins.IAuthenticationPlugin)
+classImplements( VifibMachineAuthenticationPlugin,
+                plugins.ILoginPasswordHostExtractionPlugin
+               )
+
 
 InitializeClass(VifibMachineAuthenticationPlugin)
-- 
2.30.9