![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9e6501c)
raw | patch | inline | side by side (parent: 9e6501c)
| author | stefan <stefan@57a73879-2fb5-44c3-a270-3262357dd7e2> | |
| Mon, 23 Feb 2009 15:46:14 +0000 (15:46 +0000) | ||
| committer | stefan <stefan@57a73879-2fb5-44c3-a270-3262357dd7e2> | |
| Mon, 23 Feb 2009 15:46:14 +0000 (15:46 +0000) |
git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/roundup/trunk@4162 57a73879-2fb5-44c3-a270-3262357dd7e2
| patches/20020205.alternate_auth | [deleted file] | patch | blob | history |
diff --git a/patches/20020205.alternate_auth b/patches/20020205.alternate_auth
+++ /dev/null
@@ -1,254 +0,0 @@
-From daniel_clark@us.ibm.com Wed Feb 6 04:27:15 2002
-X-Sieve: cmu-sieve 2.0
-Return-Path: <roundup-devel-admin@lists.sourceforge.net>
-Received: (from uucp@localhost)
- by crown.off.ekorp.com (8.9.3/8.9.3) id RAA12435
- for rjones@ekit-inc.com; Tue, 5 Feb 2002 17:30:24 GMT
-Received: from usw-sf-fw2.sourceforge.net(216.136.171.252), claiming to be "usw-sf-list1.sourceforge.net"
- via SMTP by mx3.ekorp.com, id smtpdAAALJaWqy; Tue Feb 5 17:30:22 2002
-Received: from localhost ([127.0.0.1] helo=usw-sf-list1.sourceforge.net)
- by usw-sf-list1.sourceforge.net with esmtp (Exim 3.31-VA-mm2 #1 (Debian))
- id 16Y9Q6-0002kj-00; Tue, 05 Feb 2002 09:30:14 -0800
-Received: from lotus2.lotus.com ([129.42.241.42])
- by usw-sf-list1.sourceforge.net with esmtp (Exim 3.31-VA-mm2 #1 (Debian))
- id 16Y9Ps-0002ee-00
- for <roundup-devel@lists.sourceforge.net>; Tue, 05 Feb 2002 09:30:00 -0800
-Received: from internet2.lotus.com (internet2 [172.16.131.236])
- by lotus2.lotus.com (8.12.1/8.12.1) with ESMTP id g15HUnTQ013140
- for <roundup-devel@lists.sourceforge.net>; Tue, 5 Feb 2002 12:30:54 -0500 (EST)
-Received: from a3mail.lotus.com (a3mail.lotus.com [9.95.5.66])
- by internet2.lotus.com (8.12.1/8.12.1) with ESMTP id g15HTHS0005917
- for <roundup-devel@lists.sourceforge.net>; Tue, 5 Feb 2002 12:29:17 -0500 (EST)
-To: roundup-devel@lists.sourceforge.net
-X-Mailer: Lotus Notes Release 5.0.8 June 18, 2001
-Message-ID: <OF2C7B87C4.DF1574A8-ON85256B56.0060B9A2@lotus.com>
-From: "Daniel Clark/CAM/Lotus" <daniel_clark@us.ibm.com>
-X-MIMETrack: Serialize by Router on A3MAIL/CAM/H/Lotus(Build V5010_01222002 |January 22, 2002) at
- 02/05/2002 12:25:48 PM
-MIME-Version: 1.0
-Content-type: text/plain;
- charset=iso-8859-1
-Content-transfer-encoding: quoted-printable
-Subject: [Roundup-devel] Alternative authentication for roundup
-Sender: roundup-devel-admin@lists.sourceforge.net
-Errors-To: roundup-devel-admin@lists.sourceforge.net
-X-BeenThere: roundup-devel@lists.sourceforge.net
-X-Mailman-Version: 2.0.5
-Precedence: bulk
-List-Help: <mailto:roundup-devel-request@lists.sourceforge.net?subject=help>
-List-Post: <mailto:roundup-devel@lists.sourceforge.net>
-List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/roundup-devel>,
- <mailto:roundup-devel-request@lists.sourceforge.net?subject=subscribe>
-List-Id: <roundup-devel.lists.sourceforge.net>
-List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/roundup-devel>,
- <mailto:roundup-devel-request@lists.sourceforge.net?subject=unsubscribe>
-List-Archive: <http://www.geocrawler.com/redir-sf.php3?list=roundup-devel>
-X-Original-Date: Tue, 5 Feb 2002 12:27:15 -0500
-Date: Tue, 5 Feb 2002 12:27:15 -0500
-Status: R
-X-Status: N
-
-I'm trying to get roundup to work with an alternative method of
-authentication (due to a corporate requirement of using a common intran=
-et
-password). I've created an "altauth" module to abstract the details of =
-the
-authentication. Since the hyperdb usernames and passwords seem to be
-referenced in a lot of places in the code, I am just creating hyperdb
-entries for the users if they exist and enter their correct passwords
-against the alternate authentication source. For the most part this eff=
-ects
-the login_action function in cgi_client.py. I've completed some changes=
-
-that make this work for the web interface, but as I am new to roundup a=
-nd
-relatively new to python I thought I'd post the changes for review. If
-others would find this functionality useful I would be happy if these
-changes (probably reworked) could make it into future releases.
-
-The main things I think I still need to do are add equivalent changes t=
-o
-mailgw.py and handle messages from the alternative authentication sourc=
-e
-better.
-
---- cgi_client.py Tue Feb 5 21:56:30 2002
-+++ cgi_client.py-altauth Tue Feb 5 21:56:30 2002
-@@ -27,6 +27,13 @@
- import roundupdb, htmltemplate, date, hyperdb, password
- from roundup.i18n import _
-
-+try:
-+ from altauth import altauth
-+ import password as password_module
-+ altauth_exists =3D 1
-+except:
-+ altauth_exists =3D 0
-+
- class Unauthorised(ValueError):
- pass
-
-@@ -807,7 +814,24 @@
- password =3D self.form['__login_password'].value
- else:
- password =3D ''
-+ # if using alternate authentication, perform it.
-+ if altauth_exists:
-+ auth =3D altauth(self.user, password)
- # make sure the user exists
-+ if altauth_exists:
-+ if auth.exists:
-+ try:
-+ uid =3D self.db.user.lookup(self.user)
-+ except KeyError:
-+ username =3D str(self.user)
-+ self.db =3D self.instance.open('admin')
-+ cl =3D self.db.user
-+ props =3D {'username':username, 'realname':auth.re=
-alname,
-+ 'organisation':auth.org, 'address':auth.e=
-mail,
-+ 'phone':auth.phone}
-+ uid =3D cl.create(**props)
-+ self.user =3D cl.get(uid, 'username')
-+ self.db.commit()
- try:
- uid =3D self.db.user.lookup(self.user)
- except KeyError:
-@@ -819,6 +843,20 @@
- return 0
-
- # and that the password is correct
-+ if altauth_exists:
-+ if auth.success:
-+ name =3D str(self.user)
-+ self.db =3D self.instance.open(name)
-+ value =3D password_module.Password(password.strip())
-+ password_dict =3D {'password':value}
-+ user =3D self.db.user
-+ user.set(uid, **password_dict)
-+ self.db.commit()
-+ else:
-+ self.make_user_anonymous()o
-+ action =3D self.form['__destination_url'].value
-+ self.login(message=3D_(auth.message), action=3Daction)=
-
-+ return 0
- pw =3D self.db.user.get(uid, 'password')
- if password !=3D pw:
- self.make_user_anonymous()
-
-
-example altauth.py:
-
-__doc__ =3D """
-Alternative authentication for roundup
-"""
-
-import pipes, os, string
-
-class altauth:
- """
- Arguments:
- username : username
- password : password in plaintext
-
- Instance variables:
- realname : username's real name
- org : username's organization
- email : username's email address
- phone : username's phone number
-
- code : return code from alternate authentication
- message : message from alternate authentication
- exists : does user exist in alternate autentication source?
- success : did user enter a valid user / password combo?
- """
- def __init__(self, username=3DNone, password=3DNone):
- # Make sure user and password have values - else java cwauthcmd=
- hangs.
- if username is None:
- username =3D "test"
- if password is None:
- password =3D "test"
-
- # In Bluepages, your username is your email address, but this m=
-ight not
- # be true for other authentication sources.
- self.email =3D username
-
- # Get realname, phone and org from Bluepages
- cmd =3D "phone ldap emailaddress=3D%s format givenname sn telep=
-honenumber dept" % self.email
- s =3D os.popen(cmd).readlines()[0].strip().split()
- self.realname =3D string.join(s[:-2])
- self.phone =3D s[-2]
- self.org =3D s[-1]
-
- # Open a pipeline to java cwauth stuff. The most secure option =
-I could think of
- # besides JPE (Java Python Extension), which I couldn't get to =
-work.
- os.umask(077)
- t=3Dpipes.Template()
- t.append('java cwauthcmd', '--')
- tmpfile =3D os.tmpnam()
- f=3Dt.open(tmpfile, 'w')
- f.write(username + " " + password)
- f.close()
- self.code =3D int(open(tmpfile).read().strip())
- os.remove(tmpfile)
-
- if self.code =3D=3D 0:
- self.message =3D "Success. The authentication was successfu=
-l."
- self.exists =3D 1
- self.success =3D 1
- elif self.code =3D=3D 2:
- self.message =3D "Not registered. Visit http://w3.ibm.com/p=
-assword/"
- self.exists =3D 0
- self.success =3D 0
- elif self.code =3D=3D 3:
- self.message =3D "LDAP Error. There was an error communicat=
-ing with Bluepages."
- self.exists =3D 0
- self.success =3D 0
- elif self.code =3D=3D 4:
- self.message =3D "No Record Found. No user was found havin=
-g that e-mail address."
- self.exists =3D 0
- self.success =3D 0
- elif self.code =3D=3D 5:
- self.message =3D "Multiple Records Found. More than one ent=
-ry exists for that e-mail address."
- self.exists =3D 1
- self.success =3D 0
- elif self.code =3D=3D 6:
- self.message =3D "Incorrect password. Try again or visit ht=
-tp://w3.ibm.com/password"
- self.exists =3D 1
- self.success =3D 0
- else:
- self.message =3D "Unknown result code. Contact daniel_clark=
-@us.ibm.com"
- self.exists =3D 0
- self.success =3D 0
-
-
---
-Daniel Clark =A7 Sys Admin & Assistant Release Engineer
-IBM =BB Lotus =BB Messaging Technology Group =A7 http://w3.mtg.lotus.co=
-m
-Tieline 693-7353 =A7 External 617-693-7353 =A7 Mobile 617-877-0702
-AIM as djbclark =A7 Sametime as Daniel Clark/CAM/Lotus
-=
-
-
-
-_______________________________________________
-Roundup-devel mailing list
-Roundup-devel@lists.sourceforge.net
-https://lists.sourceforge.net/lists/listinfo/roundup-devel
-
-