mirror of https://github.com/OpenNebula/one.git synced 2025-03-22 18:50:08 +03:00

feature #795: Adapt Sunstone to the new Cloud Auth system

Daniel Molina 2011-09-20 18:27:36 +02:00
parent 196c021caf
commit 96db2d5844
3 changed files with 37 additions and 55 deletions


@ -1,7 +1,12 @@
# OpenNebula sever contact information
ONE_XMLRPC=http://localhost:2633/RPC2
# Server Configuration
HOST=127.0.0.1
PORT=9869
AUTH=basic
# VNC Configuration
VNC_PROXY_BASE_PORT=29876
NOVNC_PATH=
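Review bot: The `AUTH=basic` line has no comment saying which authentication methods are accepted or what the server does with an unrecognised value, and this key appears to select how every login is checked. A comment beside it would cover that, for example `# Authentication driver used for incoming requests; see the Cloud Auth documentation for accepted values`. The header comment `# OpenNebula sever contact information` has a typo (`sever` should be `server`). `ONE_XMLRPC` uses plain `http://`, which suits the localhost default shown, but a comment should say that a remote endpoint needs a protected transport, since the auth token presumably travels over it. The page has lost its +/- markers, so I cannot tell which of these lines the commit adds.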


@ -23,37 +23,8 @@ class SunstoneServer
# FLAG that will filter the elements retrieved from the Pools
POOL_FILTER = Pool::INFO_GROUP
def initialize(username, password)
# TBD one_client_user(name) from CloudServer
@client = Client.new("dummy:dummy")
@client.one_auth = "#{username}:#{password}"
end
############################################################################
#
############################################################################
def self.authorize(user="", sha1_pass="")
if user.empty? || sha1_pass.empty?
return [401, false]
end
# TBD get_user_password(name) from CloudServer
user_pool = UserPool.new(Client.new)
rc = user_pool.info
if OpenNebula.is_error?(rc)
return [500, false]
end
user_pass = user_pool["USER[NAME=\"#{user}\"]/PASSWORD"]
user_id = user_pool["USER[NAME=\"#{user}\"]/ID"]
user_gid = user_pool["USER[NAME=\"#{user}\"]/GID"]
user_gname = user_pool["USER[NAME=\"#{user}\"]/GNAME"]
if user_pass == sha1_pass
return [204, [user_id, user_gid, user_gname]]
else
return [401, nil]
end
def initialize(token, xmlrpc)
@client = Client.new(token, xmlrpc, false)
end
############################################################################
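Review bot: The new `initialize(token, xmlrpc)` passes `token` straight to `Client.new` without checking that it is present. The removed `authorize` code calls `Client.new` with no arguments, so the client can evidently obtain credentials on its own. If a nil token takes that path, a request with an incomplete session could be served with the server process's own credentials instead of being rejected; this is inferred, because `Client` is not shown here. A guard such as `raise ArgumentError, 'missing auth token' if token.nil? || token.empty?` before the `Client.new` call would close that off, and the bare `false` third argument needs a comment saying what it switches off. The class body continues outside the hunk.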


@ -36,6 +36,7 @@ end
SUNSTONE_ROOT_DIR = File.dirname(__FILE__)
$: << RUBY_LIB_LOCATION
$: << RUBY_LIB_LOCATION+'/cloud'
$: << SUNSTONE_ROOT_DIR+'/models'
##############################################################################
@ -45,7 +46,7 @@ require 'rubygems'
require 'sinatra'
require 'erb'
require 'cloud/Configuration'
require 'Configuration'
require 'SunstoneServer'
require 'SunstonePlugins'
@ -67,32 +68,35 @@ helpers do
end
def build_session
auth = Rack::Auth::Basic::Request.new(request.env)
if auth.provided? && auth.basic? && auth.credentials
user = auth.credentials[0]
sha1_pass = Digest::SHA1.hexdigest(auth.credentials[1])
cloud_auth = CloudAuth.new(settings.config)
rc = SunstoneServer.authorize(user, sha1_pass)
if rc[1]
session[:user] = user
session[:user_id] = rc[1][0]
session[:user_gid] = rc[1][1]
session[:user_gname] = rc[1][2]
session[:password] = sha1_pass
session[:ip] = request.ip
session[:remember] = params[:remember]
result = cloud_auth.auth(request.env, params)
if result
return [401, ""]
else
user_id = OpenNebula::User::SELF
user = OpenNebula::User.new_with_id(user_id, cloud_auth.client)
if params[:remember]
env['rack.session.options'][:expire_after] = 30*60*60*24
end
return [204, ""]
else
return [rc.first, ""]
rc = user.info
if OpenNebula.is_error?(rc)
# Add a log message
return [500, ""]
end
end
session[:user] = user['NAME']
session[:user_id] = user['ID']
session[:user_gid] = user['GID']
session[:user_gname] = user['GNAME']
session[:token] = cloud_auth.token
session[:ip] = request.ip
session[:remember] = params[:remember]
return [401, ""]
if params[:remember]
env['rack.session.options'][:expire_after] = 30*60*60*24
end
return [204, ""]
end
end
def destroy_session
@ -105,7 +109,9 @@ before do
unless request.path=='/login' || request.path=='/'
halt 401 unless authorized?
@SunstoneServer = SunstoneServer.new(session[:user], session[:password])
@SunstoneServer = SunstoneServer.new(
session[:token],
settings.config[:one_xmlrpc])
end
end
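Review bot: In `build_session` both failure paths return without recording anything: the `if result` branch answers 401 silently, and the `OpenNebula.is_error?(rc)` branch carries only the placeholder `# Add a log message`. Failed logins are the main signal for spotting password guessing, so each branch should write one log line with `request.ip` and the failure reason, and no credential material. `session[:token]` is then kept in the session, for 30 days when `params[:remember]` is set, and handed to `SunstoneServer.new` in the `before` filter; the session store is not visible here, so confirm it is server-side or an encrypted cookie and that the token itself expires. The `if result` test treats a truthy return as failure, which reads inverted, so a comment such as `# cloud_auth.auth returns an error value on failure, nil on success` would help if that is the contract. The page has lost its +/- markers, so this reads the `cloud_auth` lines as the new side, and the `helpers do` block opens outside the hunk.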