Hi,

I have added few lines to code to make optional login with personal
certificate (or with smartcard) possible. Some ui changes has to be made.
It is not cosher but it definitely work.

Thank you, Tibor
From 91201035c02a186ad7311880730554925d7bf58e Mon Sep 17 00:00:00 2001
From: Tiboris <tibor.dud...@gmail.com>
Date: Mon, 1 Aug 2016 11:28:05 +0200
Subject: [PATCH] Added new authentication method.

This edit only added few changes to be able to login with personal certificate into IPA server.
---
 ipaserver/plugins/xmlserver.py | 3 ++-
 ipaserver/rpcserver.py         | 5 +++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/ipaserver/plugins/xmlserver.py b/ipaserver/plugins/xmlserver.py
index d8fe24e0cb407603e9898e934229c9373f3c8b62..1843c0568543951f2c817616d9e988deaab47056 100644
--- a/ipaserver/plugins/xmlserver.py
+++ b/ipaserver/plugins/xmlserver.py
@@ -28,12 +28,13 @@ register = Registry()
 
 
 if api.env.context in ('server', 'lite'):
-    from ipaserver.rpcserver import wsgi_dispatch, xmlserver, jsonserver_kerb, jsonserver_session, login_kerberos, login_password, change_password, sync_token, xmlserver_session
+    from ipaserver.rpcserver import wsgi_dispatch, xmlserver, jsonserver_kerb, jsonserver_session, login_kerberos, login_x509, login_password, change_password, sync_token, xmlserver_session
     register()(wsgi_dispatch)
     register()(xmlserver)
     register()(jsonserver_kerb)
     register()(jsonserver_session)
     register()(login_kerberos)
+    register()(login_x509)
     register()(login_password)
     register()(change_password)
     register()(sync_token)
diff --git a/ipaserver/rpcserver.py b/ipaserver/rpcserver.py
index d036f3c27521f17709672b830d5aa58167c76b34..a181ecfcb1d01b1c2dd5ee6cb9721d69be8c1863 100644
--- a/ipaserver/rpcserver.py
+++ b/ipaserver/rpcserver.py
@@ -876,6 +876,11 @@ class login_kerberos(Backend, KerberosSession, HTTP_Status):
 
         return self.finalize_kerberos_acquisition('login_kerberos', user_ccache_name, environ, start_response)
 
+
+class login_x509(login_kerberos, KerberosSession, HTTP_Status):
+    key = '/session/login_x509'
+
+
 class login_password(Backend, KerberosSession, HTTP_Status):
 
     content_type = 'text/plain'
-- 
2.7.4

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to