Changeset View
Changeset View
Standalone View
Standalone View
pykolab/auth/__init__.py
| Show First 20 Lines • Show All 43 Lines • ▼ Show 20 Lines | class Auth(pykolab.base.Base): | ||||
| def authenticate(self, login): | def authenticate(self, login): | ||||
| """ | """ | ||||
| Verify login credentials supplied in login against the appropriate | Verify login credentials supplied in login against the appropriate | ||||
| authentication backend. | authentication backend. | ||||
| Login is a simple list of username, password, service and, | Login is a simple list of username, password, service and, | ||||
| optionally, the realm. | optionally, the realm. | ||||
| """ | """ | ||||
| if len(login) == 3: | if len(login) == 3: | ||||
| # The realm has not been specified. See if we know whether or not | # The realm has not been specified. See if we know whether or not | ||||
| # to use virtual_domains, as this may be a cause for the realm not | # to use virtual_domains, as this may be a cause for the realm not | ||||
| # having been specified separately. | # having been specified separately. | ||||
| use_virtual_domains = conf.get('imap', 'virtual_domains') | use_virtual_domains = conf.get('imap', 'virtual_domains') | ||||
| # TODO: Insert debug statements | # TODO: Insert debug statements | ||||
| #if use_virtual_domains == "userid": | #if use_virtual_domains == "userid": | ||||
| #print "# Derive domain from login[0]" | # print "# Derive domain from login[0]" | ||||
| #elif not use_virtual_domains: | #elif not use_virtual_domains: | ||||
| #print "# Explicitly do not user virtual domains??" | # print "# Explicitly do not user virtual domains??" | ||||
| #else: | #else: | ||||
| ## Do use virtual domains, derive domain from login[0] | # ## Do use virtual domains, derive domain from login[0] | ||||
| #print "# Derive domain from login[0]" | # print "# Derive domain from login[0]" | ||||
| if len(login[0].split('@')) > 1: | if len(login[0].split('@')) > 1: | ||||
| domain = login[0].split('@')[1] | domain = login[0].split('@')[1] | ||||
| elif len(login) >= 4: | elif len(login) >= 4: | ||||
| domain = login[3] | domain = login[3] | ||||
| else: | else: | ||||
| domain = conf.get("kolab", "primary_domain") | domain = conf.get("kolab", "primary_domain") | ||||
| # realm overrides domain | # realm overrides domain | ||||
| if len(login) == 4: | if len(login) == 4: | ||||
| domain = login[3] | domain = login[3] | ||||
| retval = self._auth.authenticate(login, domain) | retval = self._auth.authenticate(login, domain) | ||||
| return retval | return retval | ||||
| def connect(self, domain=None): | def connect(self, domain=None): | ||||
| """ | """ | ||||
| Connect to the domain authentication backend using domain, or fall | Connect to the domain authentication backend using domain, or fall | ||||
| back to the primary domain specified by the configuration. | back to the primary domain specified by the configuration. | ||||
| """ | """ | ||||
| log.debug(_("Called for domain %r") % (domain), level=8) | log.debug(_("Called for domain %r") % (domain), level=5) | ||||
| if not self._auth == None: | if not self._auth == None: | ||||
| return | return | ||||
| if domain == None: | if domain == None: | ||||
| if not self.domain == None: | if not self.domain == None: | ||||
| section = self.domain | section = self.domain | ||||
| domain = self.domain | domain = self.domain | ||||
| else: | else: | ||||
| section = 'kolab' | section = 'kolab' | ||||
| domain = conf.get('kolab', 'primary_domain') | domain = conf.get('kolab', 'primary_domain') | ||||
| else: | else: | ||||
| log.debug(_("Getting list of domains for %s ...") % (domain), level=5) | |||||
| self.list_domains(domain) | self.list_domains(domain) | ||||
| section = domain | section = domain | ||||
| log.debug( | |||||
| _("Using section %s and domain %s") % (section,domain), | |||||
| level=8 | |||||
| ) | |||||
| if not self.domains == None and self.domains.has_key(domain): | if not self.domains == None and self.domains.has_key(domain): | ||||
| section = self.domains[domain] | section = self.domains[domain] | ||||
| domain = self.domains[domain] | domain = self.domains[domain] | ||||
| log.debug( | log.debug( | ||||
| _("Using section %s and domain %s") % (section,domain), | _("Using section %s and domain %s") % (section,domain), | ||||
| level=8 | level=8 | ||||
| ) | ) | ||||
| log.debug( | |||||
| _("Connecting to Authentication backend for domain %s") % ( | |||||
| domain | |||||
| ), | |||||
| level=8 | |||||
| ) | |||||
| if not conf.has_section(section): | if not conf.has_section(section): | ||||
| section = 'kolab' | section = 'kolab' | ||||
| if not conf.has_option(section, 'auth_mechanism'): | if not conf.has_option(section, 'auth_mechanism'): | ||||
| log.debug( | log.debug( | ||||
| _("Section %s has no option 'auth_mechanism'") % (section), | _("Section %s has no option 'auth_mechanism'") % (section), | ||||
| level=8 | level=8 | ||||
| ) | ) | ||||
| section = 'kolab' | section = 'kolab' | ||||
| else: | else: | ||||
| log.debug( | log.debug( | ||||
| _("Section %s has auth_mechanism: %r") % ( | _("Section %s has auth_mechanism: %r") % ( | ||||
| section, | section, | ||||
| conf.get(section,'auth_mechanism') | conf.get(section,'auth_mechanism') | ||||
| ), | ), | ||||
| level=8 | level=8 | ||||
| ) | ) | ||||
| _auth_mechanism = conf.get(section, 'auth_mechanism') | |||||
| # Get the actual authentication and authorization backend. | # Get the actual authentication and authorization backend. | ||||
| if conf.get(section, 'auth_mechanism') == 'ldap': | if _auth_mechanism == 'ldap': | ||||
| log.debug(_("Starting LDAP..."), level=8) | log.debug(_("Initializing LDAP..."), level=8) | ||||
| from pykolab.auth import ldap | from pykolab.auth import ldap | ||||
| self._auth = ldap.LDAP(self.domain) | self._auth = ldap.LDAP(self.domain) | ||||
| elif conf.get(section, 'auth_mechanism') == 'sql': | elif _auth_mechanism == 'sql': | ||||
| log.debug(_("Initializing SQL..."), level=8) | |||||
| from pykolab.auth import sql | from pykolab.auth import sql | ||||
| self._auth = sql.SQL(self.domain) | self._auth = sql.SQL(self.domain) | ||||
| else: | else: | ||||
| log.debug(_("Starting LDAP..."), level=8) | log.debug(_("Fallback to LDAP. Initializing ..."), level=5) | ||||
| from pykolab.auth import ldap | from pykolab.auth import ldap | ||||
| self._auth = ldap.LDAP(self.domain) | self._auth = ldap.LDAP(self.domain) | ||||
| log.debug( | |||||
| _("Connecting to Authentication %s backend for domain %s") % ( | |||||
| _auth_mechanism, | |||||
| domain | |||||
| ), | |||||
| level=5 | |||||
| ) | |||||
| self._auth.connect() | self._auth.connect() | ||||
| def disconnect(self, domain=None): | def disconnect(self, domain=None): | ||||
| """ | """ | ||||
| Connect to the domain authentication backend using domain, or fall | Connect to the domain authentication backend using domain, or fall | ||||
| back to the primary domain specified by the configuration. | back to the primary domain specified by the configuration. | ||||
| """ | """ | ||||
| ▲ Show 20 Lines • Show All 104 Lines • ▼ Show 20 Lines | def list_domains(self, domain=None): | ||||
| self.domains = { kolab_primary_domain: kolab_primary_domain } | self.domains = { kolab_primary_domain: kolab_primary_domain } | ||||
| else: | else: | ||||
| self.domains = {} | self.domains = {} | ||||
| for primary, secondaries in domains: | for primary, secondaries in domains: | ||||
| self.domains[primary.lower()] = primary.lower() | self.domains[primary.lower()] = primary.lower() | ||||
| for secondary in secondaries: | for secondary in secondaries: | ||||
| self.domains[secondary.lower()] = primary.lower() | self.domains[secondary.lower()] = primary.lower() | ||||
| log.debug(_("List of domains for %s is: %s") % (domain, ", ".join(self.domains)), level=8) | |||||
| return self.domains | return self.domains | ||||
| def synchronize(self, mode=0, callback=None): | def synchronize(self, mode=0, callback=None): | ||||
| self._auth.synchronize(mode=mode, callback=callback) | self._auth.synchronize(mode=mode, callback=callback) | ||||
| def domain_default_quota(self, domain): | def domain_default_quota(self, domain): | ||||
| return self._auth._domain_default_quota(domain) | return self._auth._domain_default_quota(domain) | ||||
| def domain_naming_context(self, domain): | def domain_naming_context(self, domain): | ||||
| return self._auth._domain_naming_context(domain) | return self._auth._domain_naming_context(domain) | ||||
| def primary_domain_for_naming_context(self, domain): | def primary_domain_for_naming_context(self, domain): | ||||
| return self._auth._primary_domain_for_naming_context(domain) | return self._auth._primary_domain_for_naming_context(domain) | ||||
| def add_entry(self, domain, entry): | |||||
| return self._auth._add_entry(entry) | |||||
| def get_entry_attribute(self, domain, entry, attribute): | def get_entry_attribute(self, domain, entry, attribute): | ||||
| return self._auth.get_entry_attribute(entry, attribute) | return self._auth.get_entry_attribute(entry, attribute) | ||||
| def get_entry_attributes(self, domain, entry, attributes): | def get_entry_attributes(self, domain, entry, attributes): | ||||
| return self._auth.get_entry_attributes(entry, attributes) | return self._auth.get_entry_attributes(entry, attributes) | ||||
| def get_user_attribute(self, domain, user, attribute): | def get_user_attribute(self, domain, user, attribute): | ||||
| return self._auth.get_entry_attribute(user, attribute) | return self._auth.get_entry_attribute(user, attribute) | ||||
| Show All 18 Lines | |||||