[CalendarServer-changes] [6726] CalendarServer/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Mon Jan 10 18:19:59 PST 2011
Revision: 6726
http://trac.macosforge.org/projects/calendarserver/changeset/6726
Author: sagen at apple.com
Date: 2011-01-10 18:19:51 -0800 (Mon, 10 Jan 2011)
Log Message:
-----------
/webcal can now be configured to redirect to /auth wiki authentication service rather than simply returning a 401 when unauthenticated.
Modified Paths:
--------------
CalendarServer/trunk/calendarserver/webcal/resource.py
CalendarServer/trunk/conf/caldavd-apple.plist
CalendarServer/trunk/twistedcaldav/stdconfig.py
Modified: CalendarServer/trunk/calendarserver/webcal/resource.py
===================================================================
--- CalendarServer/trunk/calendarserver/webcal/resource.py 2011-01-10 21:33:40 UTC (rev 6725)
+++ CalendarServer/trunk/calendarserver/webcal/resource.py 2011-01-11 02:19:51 UTC (rev 6726)
@@ -29,7 +29,7 @@
from cgi import parse_qs
from twext.web2 import responsecode
-from twext.web2.http import Response
+from twext.web2.http import Response, RedirectResponse, HTTPError
from twext.web2.http_headers import MimeType
from twext.web2.stream import MemoryStream
from twext.web2.dav import davxml
@@ -37,8 +37,48 @@
from twistedcaldav.config import config
from twistedcaldav.extensions import DAVFile, ReadOnlyResourceMixIn
+from twisted.internet.defer import inlineCallbacks, returnValue
+
class WebCalendarResource (ReadOnlyResourceMixIn, DAVFile):
+
+ @inlineCallbacks
+ def http_GET(self, request):
+ """
+ If configured to use Wiki authentication dialog, redirect to the
+ auth URL rather than return a 401 when unauthenticated.
+ """
+ if config.WebCalendarAuthPath:
+ try:
+ (yield self.authorize(request, (davxml.Read(),)))
+ except HTTPError:
+ # Use config.ServerHostName if no x-forwarded-host header,
+ # otherwise use the final hostname in x-forwarded-host.
+ host = request.headers.getRawHeaders("x-forwarded-host",
+ [config.ServerHostName])[-1].split(",")[-1].strip()
+ port = 443 if config.EnableSSL else 80
+ scheme = "https" if config.EnableSSL else "http"
+
+ returnValue(
+ RedirectResponse(
+ request.unparseURL(
+ host=host,
+ port=port,
+ scheme=scheme,
+ path=config.WebCalendarAuthPath,
+ querystring="redirect=%s://%s%s" % (
+ scheme,
+ host,
+ request.path
+ )
+ )
+ )
+ )
+
+ returnValue(
+ (yield super(WebCalendarResource, self).http_GET(request))
+ )
+
def defaultAccessControlList(self):
return davxml.ACL(
davxml.ACE(
Modified: CalendarServer/trunk/conf/caldavd-apple.plist
===================================================================
--- CalendarServer/trunk/conf/caldavd-apple.plist 2011-01-10 21:33:40 UTC (rev 6725)
+++ CalendarServer/trunk/conf/caldavd-apple.plist 2011-01-11 02:19:51 UTC (rev 6726)
@@ -520,6 +520,10 @@
<key>EnableWebAdmin</key>
<true/>
+ <!-- On OS X use wiki authentication dialogs for webcal -->
+ <key>WebCalendarAuthPath</key>
+ <string>/auth</string>
+
<!-- Directory searching -->
<key>DirectoryAddressBook</key>
<dict>
Modified: CalendarServer/trunk/twistedcaldav/stdconfig.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/stdconfig.py 2011-01-10 21:33:40 UTC (rev 6725)
+++ CalendarServer/trunk/twistedcaldav/stdconfig.py 2011-01-11 02:19:51 UTC (rev 6726)
@@ -195,6 +195,11 @@
"MaxInstancesForRRULE" : 400, # Maximum number of instances for an RRULE
"WebCalendarRoot" : "/usr/share/collabd",
+ # Set to URL path of wiki authentication service, e.g. "/auth", in order
+ # to use javascript authentication dialog. Empty string indicates standard
+ # browser authentication dialog should be used.
+ "WebCalendarAuthPath" : "",
+
"Aliases": {},
#
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20110110/7092549a/attachment.html>
More information about the calendarserver-changes
mailing list