kallithea Changeset - 9f5582151d53

Changeset - 9f5582151d53

Parent rev.

Child rev.

[Not reviewed]

beta

0 5 0

Marcin Kuzminski - 14 years ago 2012-03-16 22:58:05
marcin@python-works.com

Alternative HTTP response codes when client failed to Authenticate correctly

5 files changed with 37 insertions and 1 deletions:

development.ini

docs/changelog.rst

production.ini

rhodecode/config/deployment.ini_tmpl

rhodecode/lib/base.py

0 comments (0 inline, 0 general)

development.ini

➞

Show inline comments

@@ @@ -93,6 +93,11 @@ issue_prefix = # @@
 ## all running rhodecode instances. Leave empty if you don't use it
 instance_id =
 ## alternative return HTTP header for failed authentication. Default HTTP
 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
 ## handling that. Set this variable to 403 to return HTTPForbidden
 auth_ret_code =
 ####################################
 ###        CELERY CONFIG        ####
 ####################################

docs/changelog.rst

➞

Show inline comments

@@ @@ -23,6 +23,8 @@ news @@
 - #399 added inheritance of permissions for users group on repos groups
 - #401 repository group is automatically pre-selected when adding repos
   inside a repository group
 - added alternative HTTP 403 response when client failed to authenticate. Helps
   solving issues with Mercurial and LDAP
 fixes
 +++++

production.ini

➞

Show inline comments

@@ @@ -93,6 +93,11 @@ issue_prefix = # @@
 ## all running rhodecode instances. Leave empty if you don't use it
 instance_id =
 ## alternative return HTTP header for failed authentication. Default HTTP
 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
 ## handling that. Set this variable to 403 to return HTTPForbidden
 auth_ret_code =
 ####################################
 ###        CELERY CONFIG        ####
 ####################################

rhodecode/config/deployment.ini_tmpl

➞

Show inline comments

@@ @@ -93,6 +93,11 @@ issue_prefix = # @@
 ## all running rhodecode instances. Leave empty if you don't use it
 instance_id =
 ## alternative return HTTP header for failed authentication. Default HTTP
 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
 ## handling that. Set this variable to 403 to return HTTPForbidden
 auth_ret_code =
 ####################################
 ###        CELERY CONFIG        ####
 ####################################

rhodecode/lib/base.py

➞

Show inline comments

@@ @@ -7,6 +7,8 @@ import time @@
 import traceback
 from paste.auth.basic import AuthBasicAuthenticator
 from paste.httpexceptions import HTTPUnauthorized, HTTPForbidden
 from paste.httpheaders import WWW_AUTHENTICATE
 from pylons import config, tmpl_context as c, request, session, url
 from pylons.controllers import WSGIController
@@ @@ -28,6 +30,22 @@ from rhodecode.model.scm import ScmModel @@
 log = logging.getLogger(__name__)
 class BasicAuth(AuthBasicAuthenticator):
     def __init__(self, realm, authfunc, auth_http_code=None):
         self.realm = realm
         self.authfunc = authfunc
         self._rc_auth_http_code = auth_http_code
     def build_authentication(self):
         head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm)
         if self._rc_auth_http_code and self._rc_auth_http_code == '403':
             # return 403 if alternative http return code is specified in
             # RhodeCode config
             return HTTPForbidden(headers=head)
         return HTTPUnauthorized(headers=head)
 class BaseVCSController(object):
     def __init__(self, application, config):
@@ @@ -36,7 +54,8 @@ class BaseVCSController(object): @@
         # base path of repo locations
         self.basepath = self.config['base_path']
         #authenticate this mercurial request using authfunc
         self.authenticate = AuthBasicAuthenticator('', authfunc)
         self.authenticate = BasicAuth('', authfunc,
                                       config.get('auth_ret_code'))
         self.ipaddr = '0.0.0.0'
     def _handle_request(self, environ, start_response):

0 comments (0 inline, 0 general)