[Freeipa-devel] [PATCH] Use Apache mod_proxy for auth
Rob Crittenden
rcritten at redhat.com
Mon Sep 10 20:49:15 UTC 2007
* Enable mod_proxy to sit in front of TurboGears and pass along the
kerberos principal name
* Add an identity an visit class to TurboGears that can handle the use
without requiring a database
* Update the UI to show the user correctly.
* Note that this is currently disabled. It is hardcoded to always return
the principal test at FREEIPA.ORG in proxyprovider.py. So this won't change
the way Kevin develops or demos.
* It doesn't handle an unauthorized request because that can never happen.
I'm not 100% sure I got all the @identity() stuff set right in
controllers.py but it is a start.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-172-proxy.diff
Type: text/x-patch
Size: 16444 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20070910/c83d74e9/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20070910/c83d74e9/attachment-0001.bin>
More information about the Freeipa-devel
mailing list