Package: x2gobroker
Version: 0.0.2.4
Severity: wishlist
Diff is on top of patch in bug 447. This allows for things like logging to
external systems, adjusting firewall rules for connecting users, mangling user
data for various reasons before returning session info, etc. Follows similar
approach to authmech but allows for multiple scripts to run.
---
etc/x2gobroker.conf | 7 +++++++
x2gobroker/defaults.py | 2 ++
x2gobroker/optional_scripts/__init__.py | 20 ++++++++++++++++++++
x2gobroker/optional_scripts/base_script.py | 24 ++++++++++++++++++++++++
x2gobroker/web/plain.py | 25 +++++++++++++++++++++++++
5 files changed, 78 insertions(+)
create mode 100755 x2gobroker/optional_scripts/__init__.py
create mode 100755 x2gobroker/optional_scripts/base_script.py
diff --git a/etc/x2gobroker.conf b/etc/x2gobroker.conf
index b8b8974..64967a9 100644
--- a/etc/x2gobroker.conf
+++ b/etc/x2gobroker.conf
@@ -48,6 +48,13 @@
# the permissions are set to allow the x2go broker process to write to this
directory
#cookie-directory = '/var/log/x2gobroker/cookies'
+# Pre and Post authentication scripts give you the option to run outside
scripts
+# or adjust the values of variables for users logging in. Pre scripts run just
+# before user authentication and Post scripts run just after. Set to list of
+# scripts, comma seperated, with no spaces between.
+#pre_auth_scripts =
+#post_auth_scripts =
+
# Every server-client communication (between X2Go Client and broker) has to be
# accompanied by this initial authentication cookie if require-cookie is set
above.
# This should be in the format of a UUID.
diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py
index 9027ed0..d4bfaaf 100644
--- a/x2gobroker/defaults.py
+++ b/x2gobroker/defaults.py
@@ -186,6 +186,8 @@ X2GOBROKER_CONFIG_DEFAULTS = {
u'auth-timeout': 36000,
u'cookie-directory': '/var/log/x2gobroker/cookies',
u'verify-ip': True,
+ u'pre_auth_scripts': [],
+ u'post_auth_scripts': [],
u'my-cookie': uuid.uuid4(),
u'enable-plain-output': True,
u'enable-json-output': True,
diff --git a/x2gobroker/optional_scripts/__init__.py
b/x2gobroker/optional_scripts/__init__.py
new file mode 100755
index 0000000..d3eff3c
--- /dev/null
+++ b/x2gobroker/optional_scripts/__init__.py
@@ -0,0 +1,20 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (C) 2012-2014 by Mike Gabriel <mike.gabr...@das-netzwerkteam.de
(mailto:mike.gabr...@das-netzwerkteam.de)>
+# Copyright (C) 2012-2014 by Oleksandr Shneyder
<oleksandr.shney...@obviously-nice.de
(mailto:oleksandr.shney...@obviously-nice.de)>
+#
+# X2Go Session Broker is free software; you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# X2Go Session Broker is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program; if not, write to the
+# Free Software Foundation, Inc.,
+# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
diff --git a/x2gobroker/optional_scripts/base_script.py
b/x2gobroker/optional_scripts/base_script.py
new file mode 100755
index 0000000..e284362
--- /dev/null
+++ b/x2gobroker/optional_scripts/base_script.py
@@ -0,0 +1,24 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (C) 2012-2014 by Mike Gabriel <mike.gabr...@das-netzwerkteam.de
(mailto:mike.gabr...@das-netzwerkteam.de)>
+# Copyright (C) 2012-2014 by Oleksandr Shneyder
<oleksandr.shney...@obviously-nice.de
(mailto:oleksandr.shney...@obviously-nice.de)>
+#
+# X2Go Session Broker is free software; you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# X2Go Session Broker is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program; if not, write to the
+# Free Software Foundation, Inc.,
+# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
+class X2GoBrokerOptionalScript(object):
+
+ def run_me(self, username, password, task, profile_id, ip, cookie):
+ return username, password, task, profile_id, ip, cookie
diff --git a/x2gobroker/web/plain.py b/x2gobroker/web/plain.py
index 254c9d2..cd623a9 100644
--- a/x2gobroker/web/plain.py
+++ b/x2gobroker/web/plain.py
@@ -114,9 +114,34 @@ class X2GoBrokerWeb(_RequestHandler):
output = ''
+ if len(global_config['pre_auth_scripts']) != 0:
+ for script in global_config['pre_auth_scripts']:
+ try:
+ post_auth_script=None
+ exec("import
x2gobroker.optional_scripts.{script}_script".format(script=script))
+ exec("pre_auth_script =
x2gobroker.optional_scripts.{script}_script.X2GoBrokerOptionalScript()".format(script=script))
+ logger_broker.debug ('Calling pre-auth script {script} with username:
{username}, password: {password}, task: {task}, profile_id: {profile_id}, ip:
{ip}, cookie: {cookie}'.format(script=script,username=username,
password='XXXXX', task=task, profile_id=profile_id, ip=ip, cookie=cookie))
+ username, password, task, profile_id, ip, cookie =
pre_auth_script.run_me(username=username, password=password, task=task,
profile_id=profile_id, ip=ip, cookie=cookie)
+ logger_broker.debug ('Pre-auth script {script} finished with username:
{username}, password: {password}, task: {task}, profile_id: {profile_id}, ip:
{ip}, cookie: {cookie}'.format(script=script,username=username,
password='XXXXX', task=task, profile_id=profile_id, ip=ip, cookie=cookie))
+ except ImportError:
+ logger_error.error('No such optional script
\'{script}\''.format(script=script))
+
+
logger_broker.debug ('username: {username}, password: {password}, task: {task},
profile_id: {profile_id}, cookie: {cookie}'.format(username=username,
password='XXXXX', task=task, profile_id=profile_id, cookie=cookie))
access, next_cookie = broker_backend.check_access(username=username,
password=password, ip=ip, cookie=cookie)
if access:
+ if len(global_config['post_auth_scripts']) != 0:
+ for script in global_config['post_auth_scripts']:
+ try:
+ post_auth_script=None
+ exec("import
x2gobroker.optional_scripts.{script}_script".format(script=script))
+ exec("post_auth_script =
x2gobroker.optional_scripts.{script}_script.X2GoBrokerOptionalScript()".format(script=script))
+ logger_broker.debug ('Calling post-auth script {script} with username:
{username}, password: {password}, task: {task}, profile_id: {profile_id}, ip:
{ip}, cookie: {cookie}'.format(script=script,username=username,
password='XXXXX', task=task, profile_id=profile_id, ip=ip, cookie=cookie))
+ username, password, task, profile_id, ip, cookie =
post_auth_script.run_me(username=username, password=password, task=task,
profile_id=profile_id, ip=ip, cookie=cookie)
+ logger_broker.debug ('Post-auth script {script} finished with username:
{username}, password: {password}, task: {task}, profile_id: {profile_id}, ip:
{ip}, cookie: {cookie}'.format(script=script,username=username,
password='XXXXX', task=task, profile_id=profile_id, ip=ip, cookie=cookie))
+ except ImportError:
+ logger_error.error('No such optional script
\'{script}\''.format(script=script))
+
###
### CONFIRM SUCCESSFUL AUTHENTICATION FIRST
--
1.8.3.4 (Apple Git-47)
_______________________________________________
X2Go-Dev mailing list
X2Go-Dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/x2go-dev
