mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
Add preliminary LDAP fallback support for Kerberos protected API calls
This commit is contained in:
parent
4ae40c5d45
commit
0bca61e61f
@ -35,6 +35,12 @@ if "kerberos" in config.AUTHENTICATION_BACKENDS:
|
|||||||
def authenticate(optional=False):
|
def authenticate(optional=False):
|
||||||
def wrapper(func):
|
def wrapper(func):
|
||||||
def kerberos_authenticate(resource, req, resp, *args, **kwargs):
|
def kerberos_authenticate(resource, req, resp, *args, **kwargs):
|
||||||
|
# If LDAP enabled and device is not Kerberos capable fall
|
||||||
|
# back to LDAP bind authentication
|
||||||
|
if "ldap" in config.AUTHENTICATION_BACKENDS:
|
||||||
|
if "Android" in req.user_agent:
|
||||||
|
return ldap_authenticate(resource, req, resp, *args, **kwargs)
|
||||||
|
|
||||||
# Try pre-emptive authentication
|
# Try pre-emptive authentication
|
||||||
if not req.auth:
|
if not req.auth:
|
||||||
if optional:
|
if optional:
|
||||||
@ -191,7 +197,7 @@ def authenticate(optional=False):
|
|||||||
req.context["user"] = User.objects.get(user)
|
req.context["user"] = User.objects.get(user)
|
||||||
return func(resource, req, resp, *args, **kwargs)
|
return func(resource, req, resp, *args, **kwargs)
|
||||||
|
|
||||||
if config.AUTHENTICATION_BACKENDS == {"kerberos"}:
|
if "kerberos" in config.AUTHENTICATION_BACKENDS:
|
||||||
return kerberos_authenticate
|
return kerberos_authenticate
|
||||||
elif config.AUTHENTICATION_BACKENDS == {"pam"}:
|
elif config.AUTHENTICATION_BACKENDS == {"pam"}:
|
||||||
return pam_authenticate
|
return pam_authenticate
|
||||||
|
Loading…
Reference in New Issue
Block a user