[Freeipa-devel] [PATCH] Use Apache mod_proxy for auth
Kevin McCarthy
kmccarth at redhat.com
Mon Sep 10 21:35:20 UTC 2007
Rob Crittenden wrote:
> * Enable mod_proxy to sit in front of TurboGears and pass along the
> kerberos principal name
> * Add an identity an visit class to TurboGears that can handle the use
> without requiring a database
> * Update the UI to show the user correctly.
> * Note that this is currently disabled. It is hardcoded to always return
> the principal test at FREEIPA.ORG in proxyprovider.py. So this won't change
> the way Kevin develops or demos.
> * It doesn't handle an unauthorized request because that can never happen.
>
> I'm not 100% sure I got all the @identity() stuff set right in
> controllers.py but it is a start.
I'm not familiar with the identity stuff, but it looks good. Let's get
it in and play with it.
Glad you were able to get this working without having to hack the global
file!
-Kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2228 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20070910/a0bd69ef/attachment.bin>
More information about the Freeipa-devel
mailing list