lauri/certidude
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude synced 2025-10-30 17:09:19 +00:00
Code Issues Activity

Add preliminary LDAP fallback support for Kerberos protected API calls

Browse Source
This commit is contained in:
Lauri Võsandi
2017-01-30 07:04:05 +00:00
parent 4ae40c5d45
commit 0bca61e61f
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
certidude/auth.py
View File

@@ -35,6 +35,12 @@ if "kerberos" in config.AUTHENTICATION_BACKENDS:
def authenticate(optional=False): def authenticate(optional=False):
def wrapper(func): def wrapper(func):
def kerberos_authenticate(resource, req, resp, *args, **kwargs): def kerberos_authenticate(resource, req, resp, *args, **kwargs):
# If LDAP enabled and device is not Kerberos capable fall
# back to LDAP bind authentication
if "ldap" in config.AUTHENTICATION_BACKENDS:
if "Android" in req.user_agent:
return ldap_authenticate(resource, req, resp, *args, **kwargs)
# Try pre-emptive authentication # Try pre-emptive authentication
if not req.auth: if not req.auth:
if optional: if optional:
@@ -191,7 +197,7 @@ def authenticate(optional=False):
req.context["user"] = User.objects.get(user) req.context["user"] = User.objects.get(user)
return func(resource, req, resp, *args, **kwargs) return func(resource, req, resp, *args, **kwargs)
if config.AUTHENTICATION_BACKENDS == {"kerberos"}: if "kerberos" in config.AUTHENTICATION_BACKENDS:
return kerberos_authenticate return kerberos_authenticate
elif config.AUTHENTICATION_BACKENDS == {"pam"}: elif config.AUTHENTICATION_BACKENDS == {"pam"}:
return pam_authenticate return pam_authenticate