This is part1 of the mod_wsgi transition. It provides a new plugin:
api.Backend.session. This is a WSGI middleware component that will
create the LDAP connection and then route the request to the appropriate
WSGI application (/xml or /json or /ui).
The end result is that we have a single entry point (/ipa) instead of 3,
and we also use the exact same code path to create and destroy the LDAP
connection (which is obviously good for security).
All this still is running under mod_python, but my next patch switches
things to mod_wsgi (still have a few issues on that front).
>From 541616b0290d309a686bf66febb370ef0cade06a Mon Sep 17 00:00:00 2001
From: Jason Gerard DeRose
Date: Tue, 23 Feb 2010 10:53:47 -0700
Subject: [PATCH] Consolidate to single WSGI entry point
---
install/conf/ipa.conf | 81 +++--
ipalib/constants.py|2 +-
ipaserver/__init__.py |4 +
ipaserver/plugins/xmlserver.py | 10 +--
ipaserver/rpcserver.py | 149 +---
ipawebui/__init__.py | 11 +--
lite-server.py |6 +-
tests/test_ipaserver/test_rpcserver.py | 96 -
8 files changed, 276 insertions(+), 83 deletions(-)
diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf
index b956293..f5987fb 100644
--- a/install/conf/ipa.conf
+++ b/install/conf/ipa.conf
@@ -11,14 +11,6 @@ PythonImport ipaserver main_interpreter
# This is required so the auto-configuration works with Firefox 2+
AddType application/java-archivejar
-# This is where we redirect on failed auth
-Alias /ipa/errors "/usr/share/ipa/html"
-
-# For the MIT Windows config files
-Alias /ipa/config "/usr/share/ipa/html"
-
-# For CRL publishing
-Alias /ipa/crl "/var/lib/pki-ca/publish"
@@ -32,34 +24,42 @@ Alias /ipa/crl "/var/lib/pki-ca/publish"
KrbSaveCredentials on
Require valid-user
ErrorDocument 401 /ipa/errors/unauthorized.html
-
-
SetHandler python-program
PythonInterpreter main_interpreter
- PythonHandler ipaserver::xmlrpc
+ PythonHandler ipaserver::handler
PythonDebug Off
- PythonOption SCRIPT_NAME /ipa/xml
+ PythonOption SCRIPT_NAME /ipa
PythonAutoReload Off
-
-
- SetHandler python-program
- PythonInterpreter main_interpreter
- PythonHandler ipaserver::jsonrpc
- PythonDebug Off
- PythonOption SCRIPT_NAME /ipa/json
- PythonAutoReload Off
-
- SetHandler python-program
- PythonInterpreter main_interpreter
- PythonHandler ipaserver::webui
- PythonDebug Off
- PythonOption SCRIPT_NAME /ipa/ui
- PythonAutoReload Off
-
+#
+# SetHandler python-program
+# PythonInterpreter main_interpreter
+# PythonHandler ipaserver::xmlrpc
+# PythonDebug Off
+# PythonOption SCRIPT_NAME /ipa/xml
+# PythonAutoReload Off
+#
+
+#
+# SetHandler python-program
+# PythonInterpreter main_interpreter
+# PythonHandler ipaserver::jsonrpc
+# PythonDebug Off
+# PythonOption SCRIPT_NAME /ipa/json
+# PythonAutoReload Off
+#
+
+#
+# SetHandler python-program
+# PythonInterpreter main_interpreter
+# PythonHandler ipaserver::webui
+# PythonDebug Off
+# PythonOption SCRIPT_NAME /ipa/ui
+# PythonAutoReload Off
+#
Alias /ipa-assets/ "/var/cache/ipa/assets/"
@@ -72,14 +72,39 @@ Alias /ipa-assets/ "/var/cache/ipa/assets/"
+
+ SetHandler None
+
+
+
+ SetHandler None
+
+
+
+ SetHandler None
+
+
+
+# This is where we redirect on failed auth
+Alias /ipa/errors "/usr/share/ipa/html"
+
+# For the MIT Windows config files
+Alias /ipa/config "/usr/share/ipa/html"
+
# Do no authentication on the directory that contains error messages
+ SetHandler None
AllowOverride None
Satisfy Any
Allow from all
+
+# For CRL publishing
+Alias /ipa/crl "/var/lib/pki-ca/publish"
+
+ SetHandler None
AllowOverride None
Options Indexes FollowSymLinks
Satisfy Any
diff --git a/ipalib/constants.py b/ipalib/constants.py
index 79ddbca..a942076 100644
--- a/ipalib/constants.py
+++ b/ipalib/constants.py
@@ -108,7 +108,7 @@ DEFAULT_CONFIG = (
('mount_ipa', '/ipa/'),
('mount_xmlserver', 'xml'),
('mount_jsonserver', 'json'),
-('mount_webui', 'ui/'),
+('mount_webui', 'ui'),
('mount_webui_assets', '/ipa-assets/'),
# WebUI stuff:
diff --git a/ipaserver/__init__.py b/ipaserver/__init__.py
index 1b62255..874ac3e 100644
--- a/ipaserver/__init__.py
+++ b/ipaserver/__init__.py
@@ -222,3 +222,7 @@ def webui(req):
mod_python handler for web-UI requests (place holder).
"""
return adapter(req, ui)
+
+
+def handler(req):
+return adapter(req, api.Backend.session)
diff --git a/ipaserver/plugins/xmlserver.py b/ipaserver/plugins/xmlserver.py
index cbbf148..290bef6 100644
--- a/ipaserver/plugins/xmlserver.py
+++ b/ipaserver/plugins/xmlserver.py
@@ -19,17 +19,13 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
"""
-XML-RPC client plugin.
+Loads WSGI server plugins.
"""
from ip