proxyauthtype for web users
This commit is contained in:
Tomas Kopecek
Yu Ming Zhu
parent
330e4d5a1f
commit
b6ccafafeb
4 changed files with 34 additions and 34 deletions
12
koji/auth.py
12
koji/auth.py
|
|
@ -316,6 +316,15 @@ class Session(object):
|
|||
return (local_ip, local_port, remote_ip, remote_port)
|
||||
|
||||
def sslLogin(self, proxyuser=None, proxyauthtype=None):
|
||||
|
||||
"""Login into brew via SSL. proxyuser name can be specified and if it is
|
||||
allowed in the configuration file then connection is allowed to login as
|
||||
that user. By default we assume that proxyuser is coming via same
|
||||
authentication mechanism but proxyauthtype can be set to koji.AUTHTYPE_*
|
||||
value for different handling. Typical case is proxying kerberos user via
|
||||
web ui which itself is authenticated via SSL certificate. (See kojiweb
|
||||
for usage).
|
||||
"""
|
||||
if self.logged_in:
|
||||
raise koji.AuthError("Already logged in")
|
||||
|
||||
|
|
@ -364,6 +373,9 @@ class Session(object):
|
|||
|
||||
# in this point we can continue with proxied user in same way as if it is not proxied
|
||||
if proxyauthtype is not None:
|
||||
if proxyauthtype not in (koji.AUTHTYPE_GSSAPI, koji.AUTHTYPE_SSL):
|
||||
raise koji.AuthError(
|
||||
"Proxied authtype %s is not valid for sslLogin" % proxyauthtype)
|
||||
authtype = proxyauthtype
|
||||
|
||||
if authtype == koji.AUTHTYPE_GSSAPI and '@' in username:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue