making radicale support authenticated user from apache

This commit is contained in:
François Schmidts 2013-08-27 10:55:30 +02:00
parent e2dbdd4d96
commit 34163c5020
3 changed files with 38 additions and 3 deletions

2
config
View File

@ -47,7 +47,7 @@ stock = utf-8
[auth] [auth]
# Authentication method # Authentication method
# Value: None | htpasswd | IMAP | LDAP | PAM | courier | http | custom # Value: None | htpasswd | IMAP | LDAP | PAM | courier | http | custom | apache
type = None type = None
# custom auth handler # custom auth handler

View File

@ -273,10 +273,15 @@ class Application(object):
# Ask authentication backend to check rights # Ask authentication backend to check rights
authorization = environ.get("HTTP_AUTHORIZATION", None) authorization = environ.get("HTTP_AUTHORIZATION", None)
# Get the apache authentified user
remote_user = environ.get("REMOTE_USER", None)
if authorization: if authorization:
authorization = authorization.lstrip("Basic").strip() authorization = authorization.lstrip("Basic").strip()
user, password = self.decode(base64.b64decode( user, password = self.decode(base64.b64decode(
authorization.encode("ascii")), environ).split(":", 1) authorization.encode("ascii")), environ).split(":", 1)
elif remote_user:
user, password = remote_user, None
else: else:
user = password = None user = password = None

30
radicale/auth/apache.py Normal file
View File

@ -0,0 +1,30 @@
# -*- coding: utf-8 -*-
#
# This file is part of Radicale Server - Calendar Server
# Copyright © 2012 Ehsanul Hoque
# Copyright © 2013 Guillaume Ayoub
#
# This library is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Radicale. If not, see <http://www.gnu.org/licenses/>.
"""
Trusting apache auth mechanism.
"""
from .. import log
def is_authenticated(user, password):
"""Check if ``user`` is defined and assuming it's valid."""
log.LOGGER.debug('Got user %r from apache.' % user)
return user is not None