Hopefully this provides the patch as ascii rather than as html.
Any comments / re-factors are welcome.
James
--- Begin Message ---
From: James Clednenan <james.clende...@gmail.com>
---
cobbler/modules/authn_chainload.py | 64 +++++++++++++++++++++++++++++
installer_templates/modules.conf.template | 1 +
installer_templates/settings.template | 6 +++
3 files changed, 71 insertions(+), 0 deletions(-)
create mode 100644 cobbler/modules/authn_chainload.py
diff --git a/cobbler/modules/authn_chainload.py
b/cobbler/modules/authn_chainload.py
new file mode 100644
index 0000000..8de56c9
--- /dev/null
+++ b/cobbler/modules/authn_chainload.py
@@ -0,0 +1,64 @@
+"""
+Authentication module that chains other authentication modules togeter based
on
+the settings in /etc/cobbler/settings
+
+Copyright 2011
+James Clendenan <james.clende...@gmail.com>
+
+This software may be freely redistributed under the terms of the GNU
+general public license.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+"""
+
+import distutils.sysconfig
+import sys
+import os
+from cobbler import utils
+from utils import _
+import traceback
+
+plib = distutils.sysconfig.get_python_lib()
+mod_path="%s/cobbler" % plib
+sys.path.insert(0, mod_path)
+
+import cexceptions
+import utils
+
+def register():
+ """
+ The mandatory cobbler module registration hook.
+ """
+ return "authn"
+
+def authenticate(api_handle,username,password):
+
+ # deny login to start
+ rc = False
+
+ authn_modules = api_handle.settings().authn_chainload_modules
+ # allow multiple or single authn_modules split by a space
+ if authn_modules.find(" "):
+ authn_modules = authn_modules.split()
+ else:
+ authn_modules = [authn_modules]
+
+ # print "authn modules: %s" % authn_modules
+
+ for module in authn_modules:
+ lib = "import %s as authn_mod" % module
+ exec(lib) # import module library
+ mod_rc = authn_mod.authenticate(api_handle,username,password)
+
+ # debuging returncode from each module
+ # print "%s rc=%s" % (module,mod_rc)
+
+ rc = rc or mod_rc
+
+ return rc
+
+if __name__ == "__main__":
+ api_handle = cobbler_api.BootAPI()
+ print authenticate(api_handle, "guest", "guest")
diff --git a/installer_templates/modules.conf.template
b/installer_templates/modules.conf.template
index 80edd77..6417444 100644
--- a/installer_templates/modules.conf.template
+++ b/installer_templates/modules.conf.template
@@ -10,6 +10,7 @@
# authn_passthru -- ask Apache to handle it (used for kerberos)
# authn_ldap -- authenticate against LDAP
# authn_spacewalk -- ask Spacewalk/Satellite (experimental)
+# authn_chainload -- chain multiple authn modules together
# authn_testing -- username/password is always testing/testing (debug)
# (user supplied) -- you may write your own module
#
diff --git a/installer_templates/settings.template
b/installer_templates/settings.template
index 335c320..0fa618e 100644
--- a/installer_templates/settings.template
+++ b/installer_templates/settings.template
@@ -160,6 +160,12 @@ ldap_search_bind_dn: ''
ldap_search_passwd: ''
ldap_search_prefix: 'uid='
+# configuration options for authn_chainload.
+# Chainload these modules in this order. (space separated list)
+# Keep authn_denyall at the end for safety.
+authn_chainload_modules: authn_configfile authn_ldap authn_denyall
+
+
# cobbler has a feature that allows for integration with config management
# systems such as Puppet. The following parameters work in conjunction with
# --mgmt-classes and are described in furhter detail at:
--
1.7.2.1
--- End Message ---
_______________________________________________
cobbler-devel mailing list
cobbler-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/cobbler-devel