[X2go-Commits] x2gobroker.git - master (branch) updated: 26bbbeff46c29c039dd9574d1c1b57284c360d61
X2Go dev team
git-admin at x2go.org
Fri Dec 7 10:49:02 CET 2012
The branch, master has been updated
via 26bbbeff46c29c039dd9574d1c1b57284c360d61 (commit)
via b52e51c2d66eb72980f93efafe27d64d58597c32 (commit)
via b045b4d4ad0c548faa15be947050da2481fb73ca (commit)
via 3f8bd5f94d58566385272da0e06113c46da8c593 (commit)
from e57e22bfd435d8517b1c346c0c24ad4115805acc (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 26bbbeff46c29c039dd9574d1c1b57284c360d61
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Fri Dec 7 10:49:02 2012 +0100
implement base.X2GoBroker.get_authentication_mechanism(), including its unittest
commit b52e51c2d66eb72980f93efafe27d64d58597c32
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Fri Dec 7 10:48:06 2012 +0100
simplify test: x2gobroker/tests/test_backend_inifile.py
commit b045b4d4ad0c548faa15be947050da2481fb73ca
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Fri Dec 7 10:47:43 2012 +0100
force config processing to unicode
commit 3f8bd5f94d58566385272da0e06113c46da8c593
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Fri Dec 7 10:45:32 2012 +0100
comment out all config file options, as they are the hard-coded defaults, anyway. Rename *-db and auth-mech in global section to default-*
-----------------------------------------------------------------------
Summary of changes:
etc/x2gobroker.conf | 78 +++++++++------
x2gobroker/backends/base.py | 60 +++++++++++-
x2gobroker/config.py | 15 +--
x2gobroker/defaults.py | 139 ++++++++++++++-------------
x2gobroker/tests/test_backend_base.py | 33 +++++++
x2gobroker/tests/test_backend_inifile.py | 2 +-
x2gobroker/tests/test_web_plain_zeroconf.py | 2 -
7 files changed, 218 insertions(+), 111 deletions(-)
The diff of changes is:
diff --git a/etc/x2gobroker.conf b/etc/x2gobroker.conf
index fdfe5ad..0f30078 100644
--- a/etc/x2gobroker.conf
+++ b/etc/x2gobroker.conf
@@ -49,67 +49,85 @@
# A production backend that stores all session profile, server and session
# profile mapping in LDAP
-backend = zeroconf
# Allow unauthenticated connections? Then set check_credentials to false (i.e. 0)
-check-credentials = true
+#check-credentials = true
# To secure server-client communication the client can start the communication
# with a pre-set, agreed on authentication ID. Set the below value to 1 to make
# use of this feature
-use-authid = false
+#use-authid = false
# X2Go supports two different auth ID modes (static and dynamic), for now set the
# below value to true
-use-static-authid = true
+#use-static-authid = true
# Make up your own authid below...
-authid = <aaaavveeeerrrrryyyyylooonnnnggggssttrrriiinnnggg>
+#authid = <aaaavveeeerrrrryyyyylooonnnnggggssttrrriiinnnggg>
# X2Go Session Broker knows about two output formats: a text/html based output
# and a text/json based output. The different outputs run under different URLs
# enable {base_url}/plain/
-enable-plain-output = true
+#enable-plain-output = true
# enable {base_url}/json/ (THIS IS FUTURE, mg-20121129)
-enable-json-output = false
+#enable-json-output = false
# enable {base_url}/html/ (THIS IS FUTURE, mg-20121129)
-enable-html-output = false
+#enable-html-output = false
# default authentication mechanism for all broker backends
-auth-mech = pam
+#default-auth-mech = pam
# how does this X2Go Session Broker instance retrieve user and group information
# from the system? (defaults for all broker backends)
-user-db = libnss
-group-db = libnss
+#default-user-db = libnss
+#default-group-db = libnss
###
-### configurations for individual session brokers
+### BACKEND section
###
+# Possible X2Go Session Broker backends:
+#
+# 1. backend = zeroconf
+# Use the ZeroConf X2Go Session Broker backend, this backend is for demo only
+# and only operates on localhost. Make sure you have x2gobroker, x2gobroker-agent
+# and x2goserver installed on the same machine.
+
+# 2. backend = infile
+# The IniFile X2Go Session Broker backend is for providing session profiles
+# to multiple users/clients on a text config file basis.
+#
+# The session profile setup is accomplished by an extra configuration file,
+# by default named /etc/x2go/x2gobroker-sessionproiles.conf.
+#
+# For small-scale deployments the IniFile backend is the recommended backend.
+
+# 4. backend = ldap
+# A production backend that stores all session profile, server and session
+# profile mapping in LDAP (MUSIC OF THE FUTURE!!!)
+
[zeroconf]
-enable = true
-auth-mech = pam
-user-db = libnss
-group-db = libnss
-desktop-shell = KDE
+#enable = true
+#auth-mech = pam
+#user-db = libnss
+#group-db = libnss
+#desktop-shell = KDE
[inifile]
-enable = false
-session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf
+#enable = false
+#session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf
[ldap]
-enable = false
-# override default auth-mech
-auth-mech = ldap
-user-db = ldap
-group-db = ldap
-uri = ldap://localhost:389
-base = dc=example,dc=org
-user-search-filter = (&(objectClass=posixAccount)(uid=*))
-host-search-filter = (&(objectClass=ipHost)(serial=X2GoServer)(cn=*))
-group-search-filter = (&(objectClass=posifxGroup)(cn=*))
-starttls = false
+#enable = false
+#auth-mech = ldap
+#user-db = ldap
+#group-db = ldap
+#uri = ldap://localhost:389
+#base = dc=example,dc=org
+#user-search-filter = (&(objectClass=posixAccount)(uid=*))
+#host-search-filter = (&(objectClass=ipHost)(serial=X2GoServer)(cn=*))
+#group-search-filter = (&(objectClass=posifxGroup)(cn=*))
+#starttls = false
diff --git a/x2gobroker/backends/base.py b/x2gobroker/backends/base.py
index 9c2e5b7..1bde0e7 100644
--- a/x2gobroker/backends/base.py
+++ b/x2gobroker/backends/base.py
@@ -297,10 +297,7 @@ class X2GoBroker(object):
def _do_authenticate(self, username='', password=''):
- if self.config.has_value(self.backend_name, 'auth-mech'):
- _auth_mech = self.config.get_value(self.backend_name, 'auth-mech').lower()
- else:
- _auth_mech = "pam"
+ _auth_mech = self.get_authentication_mechanism()
if _auth_mech == 'pam':
return self._auth_mech_pam(username=username, password=password)
@@ -313,6 +310,61 @@ class X2GoBroker(object):
return False
+ def get_authentication_mechanism(self):
+ """\
+ Get the name of the authentication mechanism that is configured for this
+ X2Go Session Broker instance.
+
+ @return: auth-mech name
+ @rtype: C{unicode}
+
+ """
+ _default_auth_mech = "pam"
+ _auth_mech = ""
+ if self.config.has_value('global', 'default-auth-mech'):
+ _default_auth_mech = self.config.get_value('global', 'default-auth-mech').lower()
+
+ if self.config.has_value(self.backend_name, 'auth-mech'):
+ _auth_mech = self.config.get_value(self.backend_name, 'auth-mech').lower()
+
+ return unicode(_auth_mech) or unicode(_default_auth_mech)
+
+ def get_userdb_backend(self):
+ """\
+ Get the name of the backend being used for retrieving user information from the
+ system.
+
+ @return: user database backend name
+ @rtype: C{unicode}
+
+ """
+ _user_db = "libnss"
+ if self.config.has_value('global', 'default-user-db'):
+ _user_db = self.config.get_value('global', 'default-user-db').lower()
+
+ if self.config.has_value(self.backend_name, 'user-db'):
+ _user_db = self.config.get_value(self.backend_name, 'user-db').lower()
+
+ return unicode(_user_db)
+
+ def get_groupdb_backend(self):
+ """\
+ Get the name of the backend being used for retrieving group information from the
+ system.
+
+ @return: group database backend name
+ @rtype: C{unicode}
+
+ """
+ _group_db = "libnss"
+ if self.config.has_value('global', 'default-group-db'):
+ _group_db = self.config.get_value('global', 'default-group-db').lower()
+
+ if self.config.has_value(self.backend_name, 'group-db'):
+ _group_db = self.config.get_value(self.backend_name, 'group-db').lower()
+
+ return unicode(_group_db)
+
def check_access(self, username='', password='', authid=None, ):
"""\
Check if a given user with a given password may gain access to the
diff --git a/x2gobroker/config.py b/x2gobroker/config.py
index a2979ab..90adbf8 100644
--- a/x2gobroker/config.py
+++ b/x2gobroker/config.py
@@ -209,13 +209,13 @@ class X2GoBrokerConfigFile(object):
@rtype: class
"""
- if section in self.defaultValues.keys():
+ if section in self.defaultValues.keys() and key in self.defaultValues[section].keys():
return type(self.defaultValues[section][key])
else:
try:
return type(self.defaultValues['DEFAULT'][key])
except KeyError:
- return None
+ return type(u'')
def has_value(self, section, key):
"""\
@@ -279,7 +279,7 @@ class X2GoBrokerConfigFile(object):
else:
_val = self.iniConfig.get(section, key)
- return _val.decode(x2gobroker.utils.get_encoding())
+ return _val
get = get_value
__call__ = get_value
@@ -295,10 +295,13 @@ class X2GoBrokerConfigFile(object):
_ini_defaults = self.iniConfig.defaults()
for option in _ini_defaults.keys():
try:
- _my_defaults[option] = self.get('DEFAULT', option, key_type=self.get_type('DEFAULT', option))
+ _my_defaults[unicode(option)] = self.get('DEFAULT', option, key_type=self.get_type('DEFAULT', option))
except KeyError:
continue
+ try: del _my_defaults[u'default']
+ except KeyError: pass
+
return _my_defaults
@@ -316,7 +319,7 @@ class X2GoBrokerConfigFile(object):
_section_config = {}
for option in self.iniConfig.options(section):
if option not in self.iniConfig.sections():
- _section_config[option] = self.get(section, option, key_type=self.get_type(section, option))
+ _section_config[unicode(option)] = self.get(section, option, key_type=self.get_type(section, option))
return _section_config
@@ -328,7 +331,7 @@ class X2GoBrokerConfigFile(object):
@rtype: C{list}
"""
- return self.iniConfig.sections()
+ return [ unicode(s) for s in self.iniConfig.sections() ]
@property
def printable_config_file(self):
diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py
index 85aaafc..ef9b759 100644
--- a/x2gobroker/defaults.py
+++ b/x2gobroker/defaults.py
@@ -49,85 +49,88 @@ else:
# defaults for X2Go Sessino Broker configuration file
X2GOBROKER_CONFIG_DEFAULTS = {
'global': {
- 'backend': 'zeroconf',
- 'check-credentials': True,
- 'use-authid': False,
- 'use-static-authid': True,
- 'authid': uuid.uuid4(),
- 'enable-plain-output': True,
- 'enable-json-output': False,
- 'enable-html-output': False,
- 'auth-mech': 'pam',
- 'user-db': 'libnss',
- 'group-db': 'libnss',
+ u'backend': u'zeroconf',
+ u'check-credentials': True,
+ u'use-authid': False,
+ u'use-static-authid': True,
+ u'authid': uuid.uuid4(),
+ u'enable-plain-output': True,
+ u'enable-json-output': False,
+ u'enable-html-output': False,
+ u'default-auth-mech': u'pam',
+ u'default-user-db': u'libnss',
+ u'default-group-db': u'libnss',
},
'zeroconf': {
- 'enable': True,
- 'auth-mech': 'pam',
- 'user-db': 'libnss',
- 'group-db': 'libnss',
- 'desktop-shell': 'KDE',
+ u'enable': True,
+ u'auth-mech': u'pam',
+ u'user-db': u'libnss',
+ u'group-db': u'libnss',
+ u'desktop-shell': u'KDE',
},
'inifile': {
- 'enable': False,
- 'session-profiles': '/etc/x2go/broker/x2gobroker-sessionprofiles.conf',
+ u'enable': False,
+ u'session-profiles': u'/etc/x2go/broker/x2gobroker-sessionprofiles.conf',
+ u'auth-mech': u'',
+ u'user-db': u'',
+ u'group-db': u'',
},
'ldap': {
- 'enable': False,
- 'auth-mech': 'ldap',
- 'user-db': 'ldap',
- 'group-db': 'ldap',
- 'uri': 'ldap://localhost:389',
- 'base': 'dc=example,dc=org',
- 'user-search-filter': '(&(objectClass=posixAccount)(uid=*))',
- 'host-search-filter': '(&(objectClass=ipHost)(serial=X2GoServer)(cn=*))',
- 'group-search-filter': '(&(objectClass=posifxGroup)(cn=*))',
- 'starttls': False,
+ u'enable': False,
+ u'auth-mech': u'ldap',
+ u'user-db': u'ldap',
+ u'group-db': u'ldap',
+ u'uri': u'ldap://localhost:389',
+ u'base': u'dc=example,dc=org',
+ u'user-search-filter': u'(&(objectClass=posixAccount)(uid=*))',
+ u'host-search-filter': u'(&(objectClass=ipHost)(serial=X2GoServer)(cn=*))',
+ u'group-search-filter': u'(&(objectClass=posifxGroup)(cn=*))',
+ u'starttls': False,
},
}
# defaults for X2Go Sessino Broker session profiles file
X2GOBROKER_SESSIONPROFILE_DEFAULTS = {
'DEFAULT': {
- 'defsndport': True,
- 'useiconv': False,
- 'iconvfrom': 'UTF-8',
- 'height': 600,
- 'export': '',
- 'quality': 9,
- 'fullscreen': False,
- 'layout': '',
- 'useexports': True,
- 'width': 800,
- 'speed': 2,
- 'soundsystem': 'pulse',
- 'print': True,
- 'type': 'auto',
- 'sndport': 4713,
- 'xinerama': True,
- 'variant': '',
- 'usekbd': True,
- 'fstunnel': True,
- 'applications': ['TERMINAL','WWWBROWSER','MAILCLIENT','OFFICE'],
- 'multidisp': False,
- 'sshproxyport': 22,
- 'sound': True,
- 'rootless': False,
- 'iconvto': 'UTF-8',
- 'soundtunnel': True,
- 'dpi': 96,
- 'sshport': 22,
- 'setdpi': 0,
- 'pack': '16m-jpeg',
- 'acl-users-allow': ['ALL'],
- 'acl-users-deny': [],
- 'acl-users-order': '',
- 'acl-groups-allow': ['ALL'],
- 'acl-groups-deny': [],
- 'acl-groups-order': '',
- 'acl-clients-allow': ['ALL'],
- 'acl-clients-deny': [],
- 'acl-clients-order': '',
- 'acl-any-order': 'deny-allow',
+ u'defsndport': True,
+ u'useiconv': False,
+ u'iconvfrom': u'UTF-8',
+ u'height': 600,
+ u'export': u'',
+ u'quality': 9,
+ u'fullscreen': False,
+ u'layout': u'',
+ u'useexports': True,
+ u'width': 800,
+ u'speed': 2,
+ u'soundsystem': u'pulse',
+ u'print': True,
+ u'type': u'auto',
+ u'sndport': 4713,
+ u'xinerama': True,
+ u'variant': u'',
+ u'usekbd': True,
+ u'fstunnel': True,
+ u'applications': [u'TERMINAL',u'WWWBROWSER',u'MAILCLIENT',u'OFFICE'],
+ u'multidisp': False,
+ u'sshproxyport': 22,
+ u'sound': True,
+ u'rootless': False,
+ u'iconvto': u'UTF-8',
+ u'soundtunnel': True,
+ u'dpi': 96,
+ u'sshport': 22,
+ u'setdpi': 0,
+ u'pack': u'16m-jpeg',
+ u'acl-users-allow': [u'ALL'],
+ u'acl-users-deny': [],
+ u'acl-users-order': '',
+ u'acl-groups-allow': [u'ALL'],
+ u'acl-groups-deny': [],
+ u'acl-groups-order': '',
+ u'acl-clients-allow': [u'ALL'],
+ u'acl-clients-deny': [],
+ u'acl-clients-order': '',
+ u'acl-any-order': u'deny-allow',
},
}
diff --git a/x2gobroker/tests/test_backend_base.py b/x2gobroker/tests/test_backend_base.py
index b629156..33f5efe 100644
--- a/x2gobroker/tests/test_backend_base.py
+++ b/x2gobroker/tests/test_backend_base.py
@@ -61,6 +61,39 @@ enable = true
self.assertEqual(base_backend.is_enabled(), True)
tf.close()
+ ### TEST CONFIGURATION: <backend> >> enable = true|false
+
+ def test_globalandbackendoptions(self):
+ _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS)
+ _config_defaults.update({'base': {'enable': True, }, })
+ _config = """
+[global]
+default-auth-mech = foo-auth-mech
+
+[base]
+enable = true
+"""
+ tf = tempfile.NamedTemporaryFile()
+ print >> tf, _config
+ tf.seek(0)
+ base_backend = x2gobroker.backends.base.X2GoBroker(config_file=tf.name)
+ self.assertEqual(base_backend.get_authentication_mechanism(), 'foo-auth-mech')
+ _config = """
+[global]
+default-auth-mech = foo-auth-mech
+
+[base]
+enable = true
+auth-mech = bar-auth-mech
+"""
+ tf = tempfile.NamedTemporaryFile()
+ print >> tf, _config
+ tf.seek(0)
+ base_backend = x2gobroker.backends.base.X2GoBroker(config_file=tf.name, config_defaults=_config_defaults)
+ self.assertEqual(base_backend.get_authentication_mechanism(), 'bar-auth-mech')
+ tf.close()
+
+
### TEST CONFIGURATION: global >> check-credentials = false
def test_check_access_nocreds(self):
diff --git a/x2gobroker/tests/test_backend_inifile.py b/x2gobroker/tests/test_backend_inifile.py
index b927e46..f51fbad 100644
--- a/x2gobroker/tests/test_backend_inifile.py
+++ b/x2gobroker/tests/test_backend_inifile.py
@@ -49,7 +49,7 @@ class TestX2GoBrokerBackendInifile(unittest.TestCase):
if key.startswith('acl-'):
del _expected_profile_defaults[key]
for _param in _profile_defaults:
- self.assertTrue( ( _param in _expected_profile_defaults.keys() and _profile_defaults[_param] == _expected_profile_defaults[_param] ) )
+ self.assertTrue( ( _param in _expected_profile_defaults.keys() ) )
for _param in _expected_profile_defaults:
self.assertTrue( ( _param in _profile_defaults.keys() and _profile_defaults[_param] == _expected_profile_defaults[_param] ) )
diff --git a/x2gobroker/tests/test_web_plain_zeroconf.py b/x2gobroker/tests/test_web_plain_zeroconf.py
index 287ab89..4d6020e 100644
--- a/x2gobroker/tests/test_web_plain_zeroconf.py
+++ b/x2gobroker/tests/test_web_plain_zeroconf.py
@@ -31,8 +31,6 @@ from x2gobroker.web.plain import *
urls = ( '/plain/(.*)', 'X2GoBrokerWebPlain',)
app = web.application(urls, globals())
-x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS.update({'base': {'enable': True, 'auth-mech': 'pam', }, })
-
class TestX2GoBrokerWebPlainZeroconf(unittest.TestCase):
### TEST TASK: listsessions (you can influence the session command via the X2Go Broker's configurationfile)
hooks/post-receive
--
x2gobroker.git (HTTP(S) Session broker for X2Go)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).
More information about the x2go-commits
mailing list