[Mpuls-commits] r919 - wasko/branches/2.0/waskaweb/lib
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Tue Jan 26 18:32:22 CET 2010
Author: torsten
Date: 2010-01-26 18:32:21 +0100 (Tue, 26 Jan 2010)
New Revision: 919
Modified:
wasko/branches/2.0/waskaweb/lib/security.py
Log:
* waskaweb/lib/security.py (slashSplit): New. Moved from lib.helpers
* waskaweb/lib/security.py (getKAName): New Moved from lib.helpers
* waskaweb/lib/security.py (getKAName): Log error in case of an exception
istead of debug
Modified: wasko/branches/2.0/waskaweb/lib/security.py
===================================================================
--- wasko/branches/2.0/waskaweb/lib/security.py 2010-01-26 17:21:08 UTC (rev 918)
+++ wasko/branches/2.0/waskaweb/lib/security.py 2010-01-26 17:32:21 UTC (rev 919)
@@ -71,6 +71,14 @@
log = logging.getLogger(__name__)
+def slashSplit(s):
+ for p in s.split("/"):
+ if p.find("=") == -1 and out:
+ out[-1] += '/'+ p
+ else:
+ out.append(p)
+ return out
+
def validPassword(s):
try:
ASCII_DECODER(s)
@@ -216,9 +224,24 @@
dbname = config.get('mpuls.db.name')
return NEW_DBS.get(dbname, dbname)
except:
- log.debug("Could not fetch database name from client certificate")
+ log.error("Could not fetch database name from client certificate")
return dbname
+def getKAName():
+ kaname = ""
+ try:
+ for f in slashSplit(request.environ['SSL_CLIENT_S_DN'])[::-1]:
+ field = f.split('=')
+ # There are two OU. We want the one != WASKA
+ if field[0] == "OU" and field[1] != "WASKA":
+ kaname = field[1]
+ except:
+ try:
+ kaname = config.get('mpuls.app.name')
+ except:
+ log.error("Could not fetch KA-name from client certificate")
+ return kaname
+
def checkRole(role):
if type(role) in (ListType, TupleType): _role = role
else: _role = ( role, )
More information about the Mpuls-commits
mailing list