Commit 28284d79 authored by Branson Stephens's avatar Branson Stephens

Reverted to Kerberos auth and wiped out local changes to django.wsgi.

parent 9c187847
......@@ -6,11 +6,9 @@ os.environ['DJANGO_SETTINGS_MODULE'] = 'settings'
# Sandbox libs here, if required.
#
#sys.path.append('/home/lars/wsgi-sandbox/lib/python2.6')
#sys.path.append('/home/lars/wsgi-sandbox/lib/python2.6/site-packages')
sys.path.append('/home/branson/sandbox/lib/python2.6')
sys.path.append('/home/branson/sandbox/lib/python2.6/site-packages')
sys.path.append('/home/branson/gracedbdev')
sys.path.append('/home/lars/wsgi-sandbox/lib/python2.6')
sys.path.append('/home/lars/wsgi-sandbox/lib/python2.6/site-packages')
sys.path.append('/home/gracedb/graceproj')
import django.core.handlers.wsgi
application = django.core.handlers.wsgi.WSGIHandler()
......
......@@ -19,42 +19,38 @@ class LigoAuthMiddleware:
ligouser = None
user = None
principal = request.META.get('REMOTE_USER')
certdn = request.META.get('SSL_CLIENT_S_DN')
issuer = request.META.get('SSL_CLIENT_I_DN')
if not certdn:
try:
# mod_python is a little off...
# SSL info is in request._req
# Need to try/except because _req is
# not defined in WSGI request.
certdn = request._req.ssl_var_lookup ('SSL_CLIENT_S_DN')
issuer = request._req.ssl_var_lookup ('SSL_CLIENT_I_DN')
pass
except:
pass
queryResult = []
if not request.user.is_anonymous():
# Scott's middleware has set the user aready using shib.
# Let's add some more attributes.
principal = request.user.username
request.user.name = nameFromPrincipal(principal)
if principal:
# Kerberos.
queryResult = User.objects.filter(principal=principal)
else:
# authenticate with certs
certdn = request.META.get('SSL_CLIENT_S_DN')
issuer = request.META.get('SSL_CLIENT_I_DN')
if not certdn:
try:
# mod_python is a little off...
# SSL info is in request._req
# Need to try/except because _req is
# not defined in WSGI request.
certdn = request._req.ssl_var_lookup ('SSL_CLIENT_S_DN')
issuer = request._req.ssl_var_lookup ('SSL_CLIENT_I_DN')
pass
except:
pass
if certdn and certdn.startswith(issuer):
# proxy.
# Proxies can be signed by proxies.
# Each level of "proxification" causes the subject
# to have a '/CN=[0-9]+ appended to the signers subject.
# These must be removed to discover the original identity's
# subject DN.
issuer = proxyPattern.match(issuer).group(1)
queryResult = User.objects.filter(dn=issuer)
elif certdn:
# cert in browser.
queryResult = User.objects.filter(dn=certdn)
elif certdn and certdn.startswith(issuer):
# proxy.
# Proxies can be signed by proxies.
# Each level of "proxification" causes the subject
# to have a '/CN=[0-9]+ appended to the signers subject.
# These must be removed to discover the original identity's
# subject DN.
issuer = proxyPattern.match(issuer).group(1)
queryResult = User.objects.filter(dn=issuer)
elif certdn:
# cert in browser.
queryResult = User.objects.filter(dn=certdn)
if queryResult:
ligouser = queryResult[0]
......
......@@ -54,9 +54,8 @@ SKYALERT_DESCRIPTION = "LIGO / Virgo trigger"
SKYALERT_SUBMITTERS = ['Patrick Brady', 'Brian Moe']
#GRACEDB_DATA_DIR = "/mnt/gracedb-web/data"
GRACEDB_DATA_DIR = "/mnt/gracedb-web/data"
#GRACEDB_DATA_DIR = "/mnt/gracedb-web-temp/data"
GRACEDB_DATA_DIR = "/home/branson/fake_data"
# Latency histograms. Where they go and max latency to bin.
LATENCY_REPORT_DEST_DIR = "/home/gracedb/data/latency"
......@@ -142,8 +141,7 @@ TEMPLATE_LOADERS = (
#'django.template.loaders.filesystem.load_template_source',
# replaced by...
'django.template.loaders.filesystem.Loader',
# 'django.template.loaders.app_directories.load_template_source',
'django.template.loaders.app_directories.Loader',
'django.template.loaders.app_directories.load_template_source',
# 'django.template.loaders.eggs.load_template_source',
)
......@@ -160,23 +158,15 @@ TEMPLATE_CONTEXT_PROCESSORS = (
'middleware.debug.LigoDebugContext',
)
AUTHENTICATION_BACKENDS = (
'gracedb.middleware.auth.LigoAuthBackend',
'ligodjangoauth.LigoShibbolethAuthBackend',
'django.contrib.auth.backends.ModelBackend',
)
SHIB_AUTHENTICATION_SESSION_INITIATOR = 'https://moe.phys.uwm.edu/Shibboleth.sso/Login'
AUTHENTICATION_BACKENDS = ('gracedb.middleware.auth.LigoAuthBackend',)
MIDDLEWARE_CLASSES = [
'middleware.accept.AcceptMiddleware',
'gracedb.middleware.auth.LigoAuthMiddleware',
'middleware.cli.CliExceptionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'ligodjangoauth.LigoShibbolethMiddleware',
'gracedb.middleware.auth.LigoAuthMiddleware',
]
ROOT_URLCONF = 'urls'
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment