diff options
author | Matt Schwager <schwag09@gmail.com> | 2012-10-17 13:44:43 -0400 |
---|---|---|
committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-02-12 08:35:32 -0500 |
commit | 168aa5f9d31f310caa2d8fb87b5d46d6e23b5821 (patch) | |
tree | ac35385b07db6ac87c828b6181c5f9c679b53ee1 /src/lib/Bcfg2/Server/CherryPyCore.py | |
parent | e8a5500535cb7c23ef3d687304033e50e80dbd3f (diff) | |
download | bcfg2-168aa5f9d31f310caa2d8fb87b5d46d6e23b5821.tar.gz bcfg2-168aa5f9d31f310caa2d8fb87b5d46d6e23b5821.tar.bz2 bcfg2-168aa5f9d31f310caa2d8fb87b5d46d6e23b5821.zip |
IP based ACLs working for CherryPy and Builtin Server. Rudimentary tests performed and passed.
Diffstat (limited to 'src/lib/Bcfg2/Server/CherryPyCore.py')
-rw-r--r-- | src/lib/Bcfg2/Server/CherryPyCore.py | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/lib/Bcfg2/Server/CherryPyCore.py b/src/lib/Bcfg2/Server/CherryPyCore.py index 6709a2f10..b4c296d4a 100644 --- a/src/lib/Bcfg2/Server/CherryPyCore.py +++ b/src/lib/Bcfg2/Server/CherryPyCore.py @@ -63,12 +63,13 @@ class Core(BaseCore): username = auth_content password = "" - if not self.check_acls(cherrypy.request.remote.ip): - raise cherrypy.HTTPError(403) - # FIXME: Get client cert cert = None address = (cherrypy.request.remote.ip, cherrypy.request.remote.name) + + if not self.check_acls(address[0]): + raise cherrypy.HTTPError(401) + return self.authenticate(cert, username, password, address) @cherrypy.expose |