202 lines
7.0 KiB
Python
Executable File
202 lines
7.0 KiB
Python
Executable File
#! /usr/bin/env python
|
|
# -*- coding: iso-8859-15 -*-
|
|
|
|
|
|
# Glasnost
|
|
# By: Odile Bénassy <obenassy@entrouvert.com>
|
|
# Romain Chantereau <rchantereau@entrouvert.com>
|
|
# Nicolas Clapiès <nclapies@easter-eggs.org>
|
|
# Pierre-Antoine Dejace <padejace@entrouvert.be>
|
|
# Thierry Dulieu <tdulieu@easter-eggs.com>
|
|
# Florent Monnier <monnier@codelutin.com>
|
|
# Cédric Musso <cmusso@easter-eggs.org>
|
|
# Frédéric Péters <fpeters@entrouvert.be>
|
|
# Benjamin Poussin <poussin@codelutin.com>
|
|
# Emmanuel Raviart <eraviart@entrouvert.com>
|
|
# Sébastien Régnier <regnier@codelutin.com>
|
|
# Emmanuel Saracco <esaracco@easter-eggs.com>
|
|
#
|
|
# Copyright (C) 2000, 2001 Easter-eggs & Emmanuel Raviart
|
|
# Copyright (C) 2002 Odile Bénassy, Code Lutin, Thierry Dulieu, Easter-eggs,
|
|
# Entr'ouvert, Frédéric Péters, Benjamin Poussin, Emmanuel Raviart,
|
|
# Emmanuel Saracco & Théridion
|
|
# Copyright (C) 2003 Odile Bénassy, Romain Chantereau, Nicolas Clapiès,
|
|
# Code Lutin, Pierre-Antoine Dejace, Thierry Dulieu, Easter-eggs,
|
|
# Entr'ouvert, Florent Monnier, Cédric Musso, Ouvaton, Frédéric Péters,
|
|
# Benjamin Poussin, Rodolphe Quiédeville, Emmanuel Raviart, Sébastien
|
|
# Régnier, Emmanuel Saracco, Théridion & Vecam
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU General Public License
|
|
# as published by the Free Software Foundation; either version 2
|
|
# of the License, or (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program; if not, write to the Free Software
|
|
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
|
|
__doc__ = """Glasnost LDAP Authentication Server"""
|
|
|
|
__version__ = '$Revision$'[11:-2]
|
|
|
|
|
|
import cPickle
|
|
import sys
|
|
try:
|
|
import ldap
|
|
except:
|
|
sys.exit(1)
|
|
|
|
import time
|
|
import whrandom
|
|
|
|
glasnostPythonDir = '/usr/local/lib/glasnost-devel' # changed on make install
|
|
sys.path.insert(0, glasnostPythonDir)
|
|
|
|
import glasnost
|
|
|
|
from glasnost.common.AuthenticationLdapCommon import *
|
|
import glasnost.common.faults as faults
|
|
import glasnost.common.tools_new as commonTools
|
|
|
|
from glasnost.proxy.DispatcherProxy import getApplicationId, \
|
|
getApplicationToken, registerServer, registerVirtualServer
|
|
from glasnost.server.ObjectsServer import register, AdministrableServerMixin, \
|
|
AdminServerMixin, Server, VirtualServer, AdministrableVirtualServer
|
|
from glasnost.server.tools import *
|
|
|
|
from glasnost.proxy.GroupsProxy import setContains
|
|
|
|
import glasnost.server.kinds as kinds
|
|
|
|
applicationName = 'AuthenticationLdapServer'
|
|
applicationRole = 'authentication-ldap'
|
|
|
|
|
|
class AdminAuthenticationLdap(AdminServerMixin, AdminAuthenticationLdapCommon):
|
|
pass
|
|
register(AdminAuthenticationLdap)
|
|
|
|
|
|
class AuthenticationLdapVirtualServer(AdministrableVirtualServer):
|
|
authentications = None
|
|
|
|
def addAccount(self, userId, tupleInfo):
|
|
return
|
|
|
|
def checkAuthentication(self, tupleInfo):
|
|
ldapconn = ldap.open('localhost')
|
|
try:
|
|
ldapconn.simple_bind_s(
|
|
'uid=%s, ou=People, o=entrouvert, c=be' % tupleInfo[0],
|
|
tupleInfo[1])
|
|
except ldap.INVALID_CREDENTIALS:
|
|
raise faults.WrongPassword('****')
|
|
return 'glasnost://localhost/atoms/1'
|
|
|
|
def deleteAccount(self, partialAccount):
|
|
pass
|
|
|
|
def getAccounts(self):
|
|
return []
|
|
|
|
def getAccountUserId(self, partialAccount):
|
|
return
|
|
|
|
def getServer(self): # FIXME: should come from somewhere
|
|
"""Return the server string."""
|
|
return context.getVar('server')
|
|
|
|
def hasAccount(self, partialAccount):
|
|
return 1
|
|
|
|
|
|
class AuthenticationLdapServer(
|
|
AuthenticationLdapCommonMixin,
|
|
AdministrableServerMixin, Server):
|
|
authenticationMethodName = 'login-password'
|
|
VirtualServer = AuthenticationLdapVirtualServer
|
|
|
|
def addAccount(self, userId, tupleInfo):
|
|
virtualServerId = context.getVar('applicationId')
|
|
virtualServer = self.getVirtualServer(virtualServerId)
|
|
result = virtualServer.addAccount(userId, tupleInfo)
|
|
return result
|
|
|
|
def checkAuthentication(self, tupleInfo):
|
|
virtualServerId = context.getVar('applicationId')
|
|
virtualServer = self.getVirtualServer(virtualServerId)
|
|
return virtualServer.checkAuthentication(tupleInfo)
|
|
|
|
def deleteAccount(self, partialAccount):
|
|
virtualServerId = context.getVar('applicationId')
|
|
virtualServer = self.getVirtualServer(virtualServerId)
|
|
virtualServer.deleteAccount(partialAccount)
|
|
|
|
def getAccounts(self):
|
|
virtualServerId = context.getVar('applicationId')
|
|
virtualServer = self.getVirtualServer(virtualServerId)
|
|
return virtualServer.getAccounts()
|
|
|
|
def getAccountUserId(self, partialAccount):
|
|
virtualServerId = context.getVar('applicationId')
|
|
virtualServer = self.getVirtualServer(virtualServerId)
|
|
return virtualServer.getAccountUserId(partialAccount)
|
|
|
|
def getSlotNamesAndKindsXmlRpc(self, action):
|
|
login = kinds.String()
|
|
login.isRequired = 1
|
|
login.isTranslatable = 0
|
|
login.label = N_('Username')
|
|
|
|
if action != 'login':
|
|
return [('login', login.exportToXmlRpc())]
|
|
|
|
password = kinds.Password()
|
|
password.widgetName = 'InputPassword'
|
|
password.isRequired = 1
|
|
password.label = N_('Password')
|
|
|
|
return [('login', login.exportToXmlRpc()),
|
|
('password', password.exportToXmlRpc())]
|
|
|
|
def hasAccount(self, partialAccount):
|
|
virtualServerId = context.getVar('applicationId')
|
|
virtualServer = self.getVirtualServer(virtualServerId)
|
|
return virtualServer.hasAccount(partialAccount)
|
|
|
|
def registerPublicMethods(self):
|
|
Server.registerPublicMethods(self)
|
|
AdministrableServerMixin.registerPublicMethods(self)
|
|
self.registerPublicMethod('addAccount')
|
|
self.registerPublicMethod('checkAuthentication')
|
|
self.registerPublicMethod('deleteAccount')
|
|
self.registerPublicMethod('getAccounts')
|
|
self.registerPublicMethod('getAccountUserId')
|
|
self.registerPublicMethod('hasAccount')
|
|
self.registerPublicMethod('getSlotNamesAndKinds',
|
|
self.getSlotNamesAndKindsXmlRpc)
|
|
|
|
def startRpcServer(self):
|
|
Server.startRpcServer(self)
|
|
authenticationProxy = getProxyForServerRole('authentication')
|
|
while 1:
|
|
try:
|
|
authenticationProxy.registerAuthenticationMethod(
|
|
self.authenticationMethodName)
|
|
except faults.UnknownServerId:
|
|
time.sleep(1)
|
|
continue
|
|
break
|
|
|
|
if __name__ == '__main__':
|
|
AuthenticationLdapServer().launch(applicationName, applicationRole)
|
|
|
|
|