Cool. I'll take a look. Thanks! On Feb 20, 2012, at 12:16 PM, James Clendenan <[email protected]> wrote:
> Hi Kirk, > > If you're looking to do both passthrough (kerb) and a service type user, this > patch with the chainloading plugin might be interesting to you. > > I've been planing on re-implementing it into the core directly, but haven't > had a chance yet. > > http://www.mail-archive.com/[email protected]/msg01641.html > > I was using it for a ldap + basic auth service account setup, but it should > work for other types as well. I had found that passthrough in 2.0.? had some > problems keeping multiple user straight in apache due to the re-use of apache > workers. > > Hope this helps, > > James > > On Mon, Feb 20, 2012 at 9:29 AM, Kirk VanOpdorp <[email protected]> wrote: > Ok. That is actually what I was doing via a simple authenticated web service. > Just wanted to see if there was a better way that was not obvious to me. > Thanks for the quick response! > > On Feb 20, 2012, at 11:05 AM, Michael DeHaan <[email protected]> wrote: > > > "My question is that the read write API requires a token which > > requires a user and password. What password do I use in that case if I > > am using the passthru authentication?" > > > > Here's the source of the module: > > > > def authenticate(api_handle,username,password): > > """ > > Validate a username/password combo, returning True/False > > Uses cobbler_auth_helper > > """ > > ss = utils.get_shared_secret() > > if password == ss: > > rc = True > > else: > > rc = False > > return rc > > > > > > Basically authn_passthru is limiting built in security so that you can > > put your own access control in front of the web app, rather than doing > > something like looking at the digest file. > > > > If you're using XMLRPC, it doesn't matter what username you use, but > > you have to use the contents of /var/lib/cobbler/web.ss for the > > password. > > > > It is regenerated every time cobblerd restarts. > > > > We don't have an actual kerberos module that would allow kerberos > > username/passwords to XMLRPC, but we do have a module for > > authenticating against LDAP. > > > > https://github.com/cobbler/cobbler/blob/master/cobbler/modules/authn_ldap.py > > > > > > > > > > > > > > On Mon, Feb 20, 2012 at 10:04 AM, Kirk VanOpdorp <[email protected]> wrote: > >> I am using cobbler with passthru authentication to enable Kerberos on > >> cobbler web. I would also like remote read write access to the xmlrpc API. > >> I have setup the proxied cobbler_api in apache such that I think it should > >> work. My question is that the read write API requires a token which > >> requires a user and password. What password do I use in that case if I am > >> using the passthru authentication? > >> _______________________________________________ > >> cobbler mailing list > >> [email protected] > >> https://fedorahosted.org/mailman/listinfo/cobbler > > _______________________________________________ > > cobbler mailing list > > [email protected] > > https://fedorahosted.org/mailman/listinfo/cobbler > _______________________________________________ > cobbler mailing list > [email protected] > https://fedorahosted.org/mailman/listinfo/cobbler > > _______________________________________________ > cobbler mailing list > [email protected] > https://fedorahosted.org/mailman/listinfo/cobbler
_______________________________________________ cobbler mailing list [email protected] https://fedorahosted.org/mailman/listinfo/cobbler
