Skip to content
Snippets Groups Projects
Verified Commit a2e2470d authored by Tanner Prestegard's avatar Tanner Prestegard
Browse files

Make X509 headers start with 'HTTP'

parent 43ad4513
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
config/settings/base.py
+ 2
2
View file @ a2e2470d
......@@ -271,8 +271,8 @@ SHIB_ATTRIBUTE_MAP = {
# Headers to use for X509 authentication
X509_SUBJECT_DN_HEADER = 'HTTP_SSL_CLIENT_S_DN'
X509_ISSUER_DN_HEADER = 'HTTP_SSL_CLIENT_I_DN'
X509_CERT_HEADER = 'X_FORWARDED_TLS_CLIENT_CERT'
X509_INFOS_HEADER = 'X_FORWARDED_TLS_CLIENT_CERT_INFOS'
X509_CERT_HEADER = 'HTTP_X_FORWARDED_TLS_CLIENT_CERT'
X509_INFOS_HEADER = 'HTTP_X_FORWARDED_TLS_CLIENT_CERT_INFOS'
# List of authentication backends to use when attempting to authenticate
# a user. Will be used in this order. Authentication for the API is
......
gracedb/api/backends.py
+ 2
2
View file @ a2e2470d
......@@ -168,7 +168,7 @@ class GraceDbX509CertInfosAuthentication(GraceDbX509Authentication):
"""
api_only = True
infos_header = getattr(settings, 'X509_INFOS_HEADER',
'X_FORWARDED_TLS_CLIENT_CERT_INFOS')
'HTTP_X_FORWARDED_TLS_CLIENT_CERT_INFOS')
infos_pattern = re.compile(r'Subject="(.*?)".*Issuer="(.*?)"')
@classmethod
......@@ -210,7 +210,7 @@ class GraceDbX509FullCertAuthentication(GraceDbX509Authentication):
api_only = True
www_authenticate_realm = 'api'
cert_header = getattr(settings, 'X509_CERT_HEADER',
'X_FORWARDED_TLS_CLIENT_CERT')
'HTTP_X_FORWARDED_TLS_CLIENT_CERT')
def authenticate(self, request):
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment