From 6ae1de954f1edf33cd4d13897c35c820e57d39a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Nowak?= <luke@nexedi.com> Date: Tue, 18 Jan 2011 10:37:00 +0000 Subject: [PATCH] - add extraction plugin implemlentation which uses REMOTE_USER and sets machine_login, but fallback to default DumbHTTPExtractor in case if no REMOTE_USER is set - use machine_login instead of login, to be synchronised with value from extraction plugin git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@42407 20353a03-c40f-0410-a6d1-a30d3c3de9de --- .../Vifib/VifibMachineAuthenticationPlugin.py | 37 +++++++++++++++---- 1 file changed, 30 insertions(+), 7 deletions(-) diff --git a/product/Vifib/VifibMachineAuthenticationPlugin.py b/product/Vifib/VifibMachineAuthenticationPlugin.py index 344f7af89d..70d1fbed48 100644 --- a/product/Vifib/VifibMachineAuthenticationPlugin.py +++ b/product/Vifib/VifibMachineAuthenticationPlugin.py @@ -40,6 +40,7 @@ from Products.PluggableAuthService.plugins.BasePlugin import BasePlugin from Products.ERP5Type.Cache import transactional_cached from Products.ERP5Security.ERP5UserManager import SUPER_USER from ZODB.POSException import ConflictError +from Products.PluggableAuthService.PluggableAuthService import DumbHTTPExtractor #Form for new plugin in ZMI manage_addVifibMachineAuthenticationPluginForm = PageTemplateFile( @@ -93,24 +94,42 @@ class VifibMachineAuthenticationPlugin(BasePlugin): meta_type = "Vifib Machine Authentication Plugin" security = ClassSecurityInfo() - manage_options = (({'label': 'Edit', - 'action': 'manage_editVifibMAchineAuthenticationPluginForm',}, - ) - + BasePlugin.manage_options[:] - ) - def __init__(self, id, title=None): #Register value self._setId(id) self.title = title + #################################### + #ILoginPasswordHostExtractionPlugin# + #################################### + security.declarePrivate('extractCredentials') + def extractCredentials(self, request): + """ Extract credentials from the request header. """ + creds = {} + getHeader = getattr(request, 'getHeader', None) + if getHeader is None: + # use get_header instead for Zope-2.8 + getHeader = request.get_header + user_id = getHeader('REMOTE_USER') + if user_id is not None: + creds['machine_login'] = user_id + creds['remote_host'] = request.get('REMOTE_HOST', '') + try: + creds['remote_address'] = request.getClientAddr() + except AttributeError: + creds['remote_address'] = request.get('REMOTE_ADDR', '') + return creds + else: + # fallback to default way + return DumbHTTPExtractor().extractCredentials(request) + ################################ # IAuthenticationPlugin # ################################ security.declarePrivate('authenticateCredentials') def authenticateCredentials(self, credentials): """Authentificate with credentials""" - login = credentials.get('login', None) + login = credentials.get('machine_login', None) # Forbidden the usage of the super user. if login == SUPER_USER: return None @@ -149,5 +168,9 @@ class VifibMachineAuthenticationPlugin(BasePlugin): #List implementation of class classImplements(VifibMachineAuthenticationPlugin, plugins.IAuthenticationPlugin) +classImplements( VifibMachineAuthenticationPlugin, + plugins.ILoginPasswordHostExtractionPlugin + ) + InitializeClass(VifibMachineAuthenticationPlugin) -- 2.30.9