This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit f1382f48ffb408c7904874e15978c3f4c59538db Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Sun Mar 9 21:12:42 2014 +0100 Revert "Allow switching to dynamic cookie auth, after the connection has been successfully established by a first successful user+password authentication." This reverts commit 31e2b0c99d26a5061fbb4c85fd86f0d229decfc5. Conflicts: debian/changelog x2gobroker/brokers/base_broker.py --- debian/changelog | 3 --- etc/x2gobroker.conf | 9 --------- x2gobroker/brokers/base_broker.py | 6 ++++-- x2gobroker/defaults.py | 1 - 4 files changed, 4 insertions(+), 15 deletions(-) diff --git a/debian/changelog b/debian/changelog index ac7f2aa..1a88420 100644 --- a/debian/changelog +++ b/debian/changelog @@ -93,9 +93,6 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low x2gobroker(-daemon) is run as uidNumber 0. - Implement dynamic authid for JSON WebUI frontend. Add a generic metadata top level to the JSON output tree. - - Allow switching to dynamic cookie auth, after the connection has been - successfully established by a first successful user+password - authentication. - Store cookies in /var/lib/x2gobroker (path is more appropriate than previously suggested path /var/log/x2gobroker). * debian/control: diff --git a/etc/x2gobroker.conf b/etc/x2gobroker.conf index 33f8ccf..730ca03 100644 --- a/etc/x2gobroker.conf +++ b/etc/x2gobroker.conf @@ -34,15 +34,6 @@ # to make the X2Go Session Broker require this feature #require-cookie = false -# If require-cookie is set to true, the user normally always needs an initial -# authentication cookie to start the connection with (this is pre-shared key -# the broker admin has to provide to X2Go Client users). -# -# Alternatively, you can allow a first authentication without cookie, but with -# username and password only. Further authentication then can use the cookie -# provided after first successful connect. -#password-auth-initializes-cookie=true - # X2Go supports two different cookie authentication modes (static and dynamic). # Dynamic cookies send new cookie to client on every request. This could possibly # cause issues if a client ever tries multiple requests at the same time. diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py index 66e92e5..f8445a3 100644 --- a/x2gobroker/brokers/base_broker.py +++ b/x2gobroker/brokers/base_broker.py @@ -755,6 +755,8 @@ class X2GoBroker(object): # this catches a validation check from the UCCS web frontend... return False, None + ### IMPLEMENT YOUR AUTHENTICATION LOGIC IN THE self._do_authenticate(**kwargs) METHOD + ### when inheriting from the base.X2GoBroker class. if type(cookie) is types.StringType: cookie = unicode(cookie) @@ -781,8 +783,8 @@ class X2GoBroker(object): logger_broker.warning('base_broker.X2GoBroker.check_access(): could not create cookie-directory {cookie_directory} failing to authenticate'.format(cookie_directory=cookie_directory)) return False, None - if access or cookie == None or cookie == "" or self.config.get_value('global', 'password-auth-initializes-cookie'): - # this should be the first time we have seen this user or they are using old client so verify their password + if access or cookie == None or cookie == "": + # this should be the first time we have seen this user or they are using old client so verify their passwrd ### IMPLEMENT YOUR AUTHENTICATION LOGIC IN THE self._do_authenticate(**kwargs) METHOD ### when inheriting from the base.X2GoBroker class. diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py index c1b3749..a652837 100644 --- a/x2gobroker/defaults.py +++ b/x2gobroker/defaults.py @@ -182,7 +182,6 @@ X2GOBROKER_CONFIG_DEFAULTS = { 'global': { u'require-password': True, u'require-cookie': False, - u'password-auth-initializes-cookie': True, u'use-static-cookie': True, u'auth-timeout': 36000, u'cookie-directory': '/var/lib/x2gobroker/cookies', -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git