thanks for letting me kno.w github does not notify me of pull requests. On Friday, 20 July 2012 15:59:48 UTC-5, Michele Comitini wrote: > > @Massimo > > I have made a pull request on github. > > mic > > > 2012/7/20 Massimo Di Pierro <[email protected]>: > > I'll wait for the patch. > > > > > > On Friday, 20 July 2012 07:51:37 UTC-5, Michele Comitini wrote: > >> > >> > Michelle, I know you wrote the code, but I believe X509Account should > be > >> > replaced with X509Auth, no? > >> > >> Ahem... I stand corrected, you are right I just copied a comment in > >> the code. The comment must be fixed. > >> > >> mic > >> > >> > >> 2012/7/20 tiadobatima <[email protected]>: > >> > Thanks guys! > >> > > >> > I'm using nginx too, and I followed roughly the same steps but using > >> > uwsgi. > >> > Michelle, I know you wrote the code, but I believe X509Account should > be > >> > replaced with X509Auth, no? > >> > > >> > from gluon.contrib.login_methods.x509_auth import X509Auth > >> > > >> > auth.settings.actions_disabled=['register','change_password', > >> > > 'request_reset_password','profile'] > >> > auth.settings.login_form = X509Autht() > >> > > >> > Cheers, > >> > g. > >> > > >> > On Thursday, 19 July 2012 13:27:30 UTC-7, Michele Comitini wrote: > >> >> > >> >> - Install M2Crypto. > >> >> - If you use rocket be sure to pass the --ca-cert option or if you > use > >> >> another server configure the server to support client certificate > >> >> validation and to pass needed SSL variables in wsgi environment*. > >> >> - In you model put the following: > >> >> > >> >> from gluon.contrib.login_methods.x509_auth import X509Account > >> >> auth.settings.actions_disabled=['register','change_password', > >> >> > 'request_reset_password','profile'] > >> >> auth.settings.login_form = X509Account() > >> >> > >> >> > >> >> *for example in nginx + scgi setup to pass environment variables > add > >> >> the following in the ssl server stanza: > >> >> > >> >> scgi_param SSL_PROTOCOL $ssl_protocol; > >> >> scgi_param HTTPS on; > >> >> scgi_param SSL_CIPHER $ssl_cipher; > >> >> scgi_param SSL_CLIENT_SERIAL > >> >> $ssl_client_serial; > >> >> scgi_param SSL_CLIENT_S_DN > $ssl_client_s_dn; > >> >> scgi_param SSL_CLIENT_I_DN > $ssl_client_i_dn; > >> >> scgi_param SSL_SESSION_ID $ssl_session_id; > >> >> scgi_param SSL_CLIENT_CERT > $ssl_client_cert; > >> >> scgi_param SSL_CLIENT_RAW_CERT > >> >> $ssl_client_raw_cert; > >> >> scgi_param SSL_CLIENT_VERIFY > >> >> $ssl_client_verify; > >> >> > >> >> mic > >> >> > >> >> > >> >> > >> >> 2012/7/19 Derek <[email protected]>: > >> >> > 1. Take a look at x509_auth.py for information on how to do that. > >> >> > It's > >> >> > only > >> >> > 102 lines, so don't be daunted. > >> >> > 2. Yes. > >> >> > > >> >> > > >> >> > > >> >> > On Tuesday, July 17, 2012 4:12:50 PM UTC-7, tiadobatima wrote: > >> >> >> > >> >> >> Hi guys, > >> >> >> > >> >> >> After reading the docs, searching through old posts, and scouring > >> >> >> the > >> >> >> net, > >> >> >> I'm hoping someone can enlighten me regarding x509 auth: > >> >> >> > >> >> >> 1- How to retrieve the subject contained in the x509 certificate > >> >> >> (serialNumber, commonName, etc). Any example code? > >> >> >> 2- Does the current implementation of x509 auth require any of > the > >> >> >> auth_XXXX tables in the database for anything? > >> >> >> > >> >> >> Thanks! > >> >> >> > >> >> >> > >> >> > -- > >> >> > > >> >> > > >> >> > > >> > > >> > -- > >> > > >> > > >> > > > > > -- > > > > > > >
--
