[Pkg-nagios-changes] [SCM] UNNAMED PROJECT branch, debian/master, updated. 810edbdd3feedbfe37f4a65bee50b57b2f60fa2a

Tue Feb 28 22:11:45 UTC 2012

The following commit has been merged in the debian/master branch:
commit 32b68cd4c8696fb36688a6befe12dde0a6d39052
Author: olivierHa <olivier.hanesse at gmail.com>
Date:   Tue Jan 3 21:49:54 2012 +0100

    Enh: Add External Authentification for WebUI

diff --git a/etc/shinken-specific.cfg b/etc/shinken-specific.cfg
index 83af846..f7814b7 100755
--- a/etc/shinken-specific.cfg
+++ b/etc/shinken-specific.cfg
@@ -191,6 +191,13 @@ define module{
        # ; can be also : wsgiref, cherrypy, paste, tornado, twisted
        # ; or gevent. automeans beast find in the system.
 
+       # Maybe the WebUI is behind a web server which has already authentified the user
+       # So let's use the Remote_user variable
+       # See documentation for an example of the configuration of Apache in front of the WebUI
+       # remote_user_enable 1
+       # remote_user_variable X_Remote_User
+ 
+
        modules		Apache_passwd,ActiveDir_UI,Cfg_password
        # Modules for the WebUI.
        # Apache_passwd : use an Apache htpasswd files for auth
diff --git a/shinken/modules/webui_broker/webui_broker.py b/shinken/modules/webui_broker/webui_broker.py
index 4a23224..90c444e 100644
--- a/shinken/modules/webui_broker/webui_broker.py
+++ b/shinken/modules/webui_broker/webui_broker.py
@@ -77,6 +77,8 @@ class Webui_broker(BaseModule, Daemon):
         self.http_backend = getattr(modconf, 'http_backend', 'auto')
         self.login_text = getattr(modconf, 'login_text', None)
         self.allow_html_output = to_bool(getattr(modconf, 'allow_html_output', '0'))
+        self.remote_user_enable = getattr(modconf, 'remote_user_enable', '0')
+        self.remote_user_variable = getattr(modconf, 'remote_user_variable', 'X_REMOTE_USER')
 
         # Load the photo dir and make it a absolute path
         self.photo_dir = getattr(modconf, 'photo_dir', 'photos')
diff --git a/shinken/webui/plugins/login/login.py b/shinken/webui/plugins/login/login.py
index 727c81f..6c43096 100644
--- a/shinken/webui/plugins/login/login.py
+++ b/shinken/webui/plugins/login/login.py
@@ -83,6 +83,16 @@ def get_root():
     user = app.request.get_cookie("user", secret=app.auth_secret)
     if user:
         redirect("/problems")
+    elif app.remote_user_variable in app.request.headers and app.remote_user_enable == '1':
+        user_name = app.request.headers[app.remote_user_variable]
+        c = app.datamgr.get_contact(user_name)
+        print "Got", c
+        if not c:
+            print "Warning: You need to have a contact having the same name as your user %s" % user_name
+            redirect("/user/login")
+        else:
+            app.response.set_cookie('user', user_name, secret=app.auth_secret, path='/')
+            redirect("/problems")
     else:
         redirect("/user/login")
 

-- 
UNNAMED PROJECT

