Ignore:
Timestamp:
23/09/09 17:34:01 (10 years ago)
Author:
pjkersha
Message:

Testing SSL Client Authentication middleware with session and redirect middleware to enable wget support for NDG Security.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/authn.py

    r5655 r5757  
    1515import logging 
    1616log = logging.getLogger(__name__) 
     17from paste.request import parse_querystring 
    1718from authkit.permissions import UserIn 
    1819 
     
    8283 
    8384         
    84 class AuthNRedirectMiddleware(NDGSecurityMiddlewareBase): 
     85class AuthnRedirectMiddleware(NDGSecurityMiddlewareBase): 
    8586    """Base class for Authentication HTTP redirect initiator and consumer WSGI  
    8687    middleware 
     
    8889    @type propertyDefaults: dict 
    8990    @cvar propertyDefaults: valid configuration property keywords     
    90     @type return2URIArgName: basestring 
    91     @cvar return2URIArgName: name of URI query argument used to pass the  
     91    @type RETURN2URI_ARGNAME: basestring 
     92    @cvar RETURN2URI_ARGNAME: name of URI query argument used to pass the  
    9293    return to URI between initiator and consumer classes""" 
    9394    propertyDefaults = { 
     
    9596    } 
    9697    propertyDefaults.update(NDGSecurityMiddlewareBase.propertyDefaults) 
    97     return2URIArgName = 'ndg.security.r' 
    98  
    99     _isAuthenticated = lambda self: 'REMOTE_USER' in self.environ 
     98    RETURN2URI_ARGNAME = 'ndg.security.r' 
     99    USERNAME_ENVIRON_KEYNAME = 'REMOTE_USER' 
     100     
     101    _isAuthenticated = lambda self: \ 
     102            AuthnRedirectMiddleware.USERNAME_ENVIRON_KEYNAME in self.environ 
     103             
    100104    isAuthenticated = property(fget=_isAuthenticated, 
    101                                doc='boolean for is user logged in') 
    102  
    103 class AuthNRedirectInitiatorMiddleware(AuthNRedirectMiddleware): 
     105                               doc='boolean for, "is user logged in?"') 
     106 
     107class AuthnRedirectInitiatorMiddleware(AuthnRedirectMiddleware): 
    104108    '''Middleware to initiate a redirect to another URI if a user is not  
    105109    authenticated i.e. security cookie is not set 
     
    114118        'redirectURI': None, 
    115119    } 
    116     propertyDefaults.update(AuthNRedirectMiddleware.propertyDefaults) 
     120    propertyDefaults.update(AuthnRedirectMiddleware.propertyDefaults) 
    117121     
    118122 
    119123    triggerStatus = '401' 
    120     id = 'authNRedirectInitiatorMiddleware' 
     124    id = 'AuthnRedirectInitiatorMiddleware' 
    121125 
    122126    def __init__(self, app, global_conf, **app_conf): 
     
    133137        ''' 
    134138        self._redirectURI = None 
    135         super(AuthNRedirectInitiatorMiddleware, self).__init__(app,  
     139        super(AuthnRedirectInitiatorMiddleware, self).__init__(app,  
    136140                                                               global_conf,  
    137141                                                               **app_conf) 
     
    141145        '''Invoke redirect if user is not authenticated''' 
    142146         
    143         log.debug("AuthNRedirectInitiatorMiddleware.__call__ ...") 
     147        log.debug("AuthnRedirectInitiatorMiddleware.__call__ ...") 
    144148         
    145149        if self.isAuthenticated: 
     
    175179        quotedReturn2URI = urllib.quote(return2URI, safe='') 
    176180        return2URIQueryArg = urllib.urlencode( 
    177                     {AuthNRedirectInitiatorMiddleware.return2URIArgName:  
     181                    {AuthnRedirectInitiatorMiddleware.RETURN2URI_ARGNAME:  
    178182                     quotedReturn2URI}) 
    179183 
     
    209213 
    210214 
    211 class AuthNRedirectResponseMiddleware(AuthNRedirectMiddleware): 
    212     """Compliment to AuthNRedirectInitiatorMiddleware  
     215class AuthnRedirectResponseMiddleware(AuthnRedirectMiddleware): 
     216    """Compliment to AuthnRedirectInitiatorMiddleware  
    213217    functioning as the opposite end of the HTTP redirect interface.  It  
    214218    performs the following tasks: 
     
    226230         
    227231        # Check for return to address in URI query args set by  
    228         # AuthNRedirectInitiatorMiddleware in application code stack 
     232        # AuthnRedirectInitiatorMiddleware in application code stack 
    229233        if environ['REQUEST_METHOD'] == "GET": 
    230234            params = dict(parse_querystring(environ)) 
     
    232236            params = {} 
    233237         
    234         quotedReferrer = params.get(self.__class__.return2URIArgName, '') 
     238        quotedReferrer = params.get(self.__class__.RETURN2URI_ARGNAME, '') 
    235239        referrerURI = urllib.unquote(quotedReferrer) 
    236240        if referrerURI: 
    237             session[self.__class__.return2URIArgName] = referrerURI 
     241            session[self.__class__.RETURN2URI_ARGNAME] = referrerURI 
    238242            session.save() 
    239243             
    240244        if self.isAuthenticated: 
    241             return2URI = session.get(self.__class__.return2URIArgName) 
     245            return2URI = session.get(self.__class__.RETURN2URI_ARGNAME) 
    242246            if return2URI is None: 
    243247                log.warning("user is authenticated but no return2URI has been " 
     
    321325        @type start_response: function 
    322326        @param start_response: standard WSGI start response function 
    323  
    324327        """ 
    325328        log.debug("SessionHandlerMiddleware.__call__ ...") 
     
    407410    '''Authentication Middleware Configuration error''' 
    408411 
     412 
    409413class AuthenticationMiddleware(MultiHandler, NDGSecurityMiddlewareBase): 
    410414    '''Handler to intercept 401 Unauthorized HTTP responses and redirect to an 
     
    442446        MultiHandler.__init__(self, app) 
    443447 
    444         self.add_method(AuthNRedirectInitiatorMiddleware.id,  
    445                         AuthNRedirectInitiatorMiddleware.filter_app_factory,  
     448        self.add_method(AuthnRedirectInitiatorMiddleware.id,  
     449                        AuthnRedirectInitiatorMiddleware.filter_app_factory,  
    446450                        global_conf, 
    447451                        prefix=prefix, 
    448452                        **app_conf) 
    449453         
    450         self.add_checker(AuthNRedirectInitiatorMiddleware.id,  
    451                          AuthNRedirectInitiatorMiddleware.checker) 
    452  
     454        self.add_checker(AuthnRedirectInitiatorMiddleware.id,  
     455                         AuthnRedirectInitiatorMiddleware.checker) 
     456 
Note: See TracChangeset for help on using the changeset viewer.