Changeset 8696


Ignore:
Timestamp:
30/11/12 13:20:05 (6 years ago)
Author:
mnagni
Message:

Adds a new optional parameter 'DJ_SECURITY_FILTER' to define which url should undergoes the middleware feature

Location:
mauRepo/dj_security_middleware/trunk/dj_security_middleware
Files:
3 added
3 edited

Legend:

Unmodified
Added
Removed
  • mauRepo/dj_security_middleware/trunk/dj_security_middleware/README

    r8683 r8696  
    2828service to encrypt the 'auth_tkt' cookie (say 'sharedsecret') 
    2929 
    30 4) DJ_SECURITY_AUTH_CHECK (optional) is a function which returns a boolean  
     304) DJ_SECURITY_FILTER (optional) is a list of URL paths which are secured 
     31by the middleware, that is if a request URL matches any in DJ_SECURITY_FILTER 
     32the middleware will verify if the user is authenticated or not. 
     33If the parameter is absent all the required paths will be secured. 
     34More specifically the middleware will trust 
     35 - all the patterns equal to a given path 
     36 - all the patterns equal or below a given path 
     37Example: 
     38------------------------------------------------------------------------- 
     39# If not already authenticated redirects to the DJ_SECURITY_LOGIN_SERVICE 
     40DJ_SECURITY_FILTER = []   
     41 
     42If not already authenticated redirects to the DJ_SECURITY_LOGIN_SERVICE 
     43all the paths starting with "/my_ceda" 
     44DJ_SECURITY_FILTER = ['/my_ceda']   
     45 
     46If not already authenticated redirects to the DJ_SECURITY_LOGIN_SERVICE 
     47all the paths starting with "/my_ceda/my_page" but not path like "/my_ceda" 
     48DJ_SECURITY_FILTER = ['/my_ceda/my_page'] 
     49 
     50Equivalent to ['/my_ceda'] 
     51DJ_SECURITY_FILTER = ['/my_ceda/my_page', '/my_ceda'] 
     52 
     53If not already authenticated redirects to the DJ_SECURITY_LOGIN_SERVICE 
     54all the paths starting with regular expression "/my_ceda/[1-2]", that is 
     55'my_ceda/1_test' will be secured, 'my_ceda/3_test' will be not 
     56DJ_SECURITY_FILTER = ['/my_ceda/[1-2]'] 
     57------------------------------------------------------------------------- 
     58 
     595) DJ_SECURITY_AUTH_CHECK (optional) is a function which returns a boolean  
    3160shall accept one parameter where the middleware will pass the HTTPRequest. 
    3261If the function raises an exception, returns False or None the middleware forces 
  • mauRepo/dj_security_middleware/trunk/dj_security_middleware/dj_security_middleware/__init__.py

    r8692 r8696  
    1 __version__ = '0.0.5' 
     1__version__ = '0.0.6' 
  • mauRepo/dj_security_middleware/trunk/dj_security_middleware/dj_security_middleware/middleware.py

    r8692 r8696  
    4242import logging 
    4343import urlparse 
     44import re 
    4445 
    4546# Get an instance of a logger 
     
    7071    """     
    7172    def process_request(self, request): 
     73        url_fiters = getattr(settings, 'DJ_SECURITY_FILTER', None) 
     74        if url_fiters \ 
     75            and security_url_filter(request.path, url_fiters): 
     76            return 
     77         
    7278        if not getattr(settings, 'DJ_SECURITY_LOGIN_SERVICE', None): 
    7379            raise DJMiddlewareException(LOGIN_SERVICE_ERROR)   
     
    158164         
    159165    return _calculate_remote_ip(socket.getfqdn()) 
     166 
     167def security_url_filter(string, filters): 
     168    """ 
     169        Checks a given url request against a list of url filters. 
     170        ** string ** string a url 
     171        ** filters ** a list of strings 
     172        ** RETURN ** True if a match is found, False otherwise 
     173    """  
     174    try:         
     175        result = urlparse.urlparse(string) 
     176        return _security_filter(result.path, filters) 
     177    except AttributeError: 
     178        return False 
     179 
     180def _security_filter(string, filters): 
     181    """ 
     182        Checks a given strings against a list of strings. 
     183        ** string ** string a url 
     184        ** filters ** a list of strings 
     185    """     
     186    if not filters or not string or len(string.strip()) == 0: 
     187        return False 
     188    if string in filters: 
     189        return True 
     190    for ifilter in filters: 
     191        if re.match(ifilter, string): 
     192            return True 
Note: See TracChangeset for help on using the changeset viewer.