[CalendarServer-changes] [4325] CalendarServer/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Thu Jun 4 10:42:14 PDT 2009
Revision: 4325
http://trac.macosforge.org/projects/calendarserver/changeset/4325
Author: sagen at apple.com
Date: 2009-06-04 10:42:13 -0700 (Thu, 04 Jun 2009)
Log Message:
-----------
Rather than use a second instance of AuthenticationWrapper around /inbox (which breaks Depth:1 PROPFINDs of /, make the AuthenticationWrapper implementation more flexible, allowing per-resource-path configuration of credential factories.
Modified Paths:
--------------
CalendarServer/trunk/calendarserver/tap/caldav.py
CalendarServer/trunk/twistedcaldav/resource.py
Modified: CalendarServer/trunk/calendarserver/tap/caldav.py
===================================================================
--- CalendarServer/trunk/calendarserver/tap/caldav.py 2009-06-04 16:56:16 UTC (rev 4324)
+++ CalendarServer/trunk/calendarserver/tap/caldav.py 2009-06-04 17:42:13 UTC (rev 4325)
@@ -65,7 +65,7 @@
from twistedcaldav.accesslog import AMPCommonAccessLoggingObserver
from twistedcaldav.config import config, defaultConfig, defaultConfigFile
from twistedcaldav.config import ConfigurationError
-from twistedcaldav.resource import CalDAVResource
+from twistedcaldav.resource import CalDAVResource, AuthenticationWrapper
from twistedcaldav.directory.digest import QopDigestCredentialFactory
from twistedcaldav.directory.principal import DirectoryPrincipalProvisioningResource
from twistedcaldav.directory.aggregate import AggregateDirectoryService
@@ -626,16 +626,9 @@
self.log_info("Setting up iMIP inbox resource: %r"
% (self.imipResourceClass,))
- # This resource uses the digestCredentialFactory no matter
- # what the overall server authentication settings are.
- root.putChild("inbox",
- auth.AuthenticationWrapper(
- self.imipResourceClass(root),
- portal,
- (digestCredentialFactory,),
- (auth.IPrincipal,),
- )
- )
+ # The authenticationWrapper below will be configured to always
+ # allow digest auth on /inbox
+ root.putChild("inbox", self.imipResourceClass(root))
#
# WebCal
@@ -672,11 +665,14 @@
self.log_info("Configuring authentication wrapper")
- authWrapper = auth.AuthenticationWrapper(
+ authWrapper = AuthenticationWrapper(
root,
portal,
credentialFactories,
(auth.IPrincipal,),
+ overrides = {
+ "/inbox" : (digestCredentialFactory,),
+ }
)
logWrapper = DirectoryLogWrapperResource(
Modified: CalendarServer/trunk/twistedcaldav/resource.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/resource.py 2009-06-04 16:56:16 UTC (rev 4324)
+++ CalendarServer/trunk/twistedcaldav/resource.py 2009-06-04 17:42:13 UTC (rev 4325)
@@ -38,6 +38,7 @@
from twisted.internet.defer import inlineCallbacks, returnValue
from twisted.web2 import responsecode
from twisted.web2.dav import davxml
+from twisted.web2.dav.auth import AuthenticationWrapper as SuperAuthenticationWrapper
from twisted.web2.dav.davxml import dav_namespace
from twisted.web2.dav.idav import IDAVPrincipalCollectionResource
from twisted.web2.dav.resource import AccessDeniedError, DAVPrincipalCollectionResource
@@ -1006,6 +1007,34 @@
return None
+class AuthenticationWrapper(SuperAuthenticationWrapper):
+
+ """ AuthenticationWrapper implementation which allows overriding
+ credentialFactories on a per-resource-path basis """
+
+ def __init__(self, resource, portal, credentialFactories, loginInterfaces,
+ overrides=None):
+
+ super(AuthenticationWrapper, self).__init__(resource, portal,
+ credentialFactories, loginInterfaces)
+
+ self.overrides = {}
+ if overrides:
+ for path, factories in overrides.iteritems():
+ self.overrides[path] = dict([(factory.scheme, factory)
+ for factory in factories])
+
+ def hook(self, req):
+ """ Uses the default credentialFactories unless the request is for
+ one of the overridden paths """
+
+ super(AuthenticationWrapper, self).hook(req)
+
+ factories = self.overrides.get(req.path.rstrip("/"),
+ self.credentialFactories)
+ req.credentialFactories = factories
+
+
##
# Utilities
##
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20090604/45388107/attachment.html>
More information about the calendarserver-changes
mailing list