diff options
| author |   Michał Górny <mgorny@gentoo.org> | 2013-08-01 23:40:21 +0200 |
|---|---|---|
| committer | Michał Górny <mgorny@gentoo.org> | 2013-08-05 11:46:30 +0200 |
| commit | ebd3d04d0aefa8680e434430a4745982fdc208f0 (patch) | |
| tree | 10a3ba85ce19f00aa0eafc1586b6896f85b7172f /setup.py | |
| parent | Introduce ExternalBackend for handling external auth. (diff) | |
| download | identity.gentoo.org-ebd3d04d0aefa8680e434430a4745982fdc208f0.tar.gz identity.gentoo.org-ebd3d04d0aefa8680e434430a4745982fdc208f0.tar.bz2 identity.gentoo.org-ebd3d04d0aefa8680e434430a4745982fdc208f0.zip | |
Establish simple SSL client certificate auth.
The auth is based on matching e-mail addresses from valid (and trusted)
certificates onto system users.
Whenever user requests SSL cert auth, he is redirected to a dedicated
vhost where the HTTP server requests the certificate. Once there,
ssl-auth view checks the verification result and obtains e-mail
addresses from the certificate. The e-mail addresses are compared to
system users and if a match occurs, an authentication token is created.
The ssl-auth view redirects back to login, passing either the token, or
error message. If a valid token is passed, ExternalBackend is used to
sucessfully authenticate the user. Otherwise, the error message is
printed alike regular login messages.
Diffstat (limited to 'setup.py')
| -rwxr-xr-x | setup.py | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -39,6 +39,7 @@ setup( 'django-ldapdb', 'edpwd>=0.0.7', 'passlib>=1.6.1', + 'pyopenssl>=0.13', 'python-ldap>=2.4.10', 'python-openid>=2.2.5', ], |