#file =
[auth:ldap]
-host = ldap://xxx
-port = 489
+host = localhost
+port = 389
bind_dn =
bind_pw =
basedn =
username = openchange
# password is test
password = {SSHA}I6Hy5Wv0wuxyXvMBFWFQDVVN12_CLaX9
+
+[rpcproxy:ldap]
+host = localhost
+port = 389
+basedn = CN=Users,DC=sambaxp,DC=local
\ No newline at end of file
map.connect('/{controller}/{action}')
map.connect('/{controller}/{action}/{id}')
+ # RPC over HTTP
+ map.connect('/rpc/rpcproxy.dll', controller='rpcproxy')
+
return map
--- /dev/null
+import logging
+
+from pylons import request, response, session, tmpl_context as c, url
+from pylons.controllers.util import abort, redirect
+from ocsmanager.model import RPCProxyAuthenticateModel
+
+from ocsmanager.lib.base import BaseController, render
+
+log = logging.getLogger(__name__)
+
+class RpcproxyController(BaseController):
+
+ def index(self):
+ auth = RPCProxyAuthenticateModel.RPCProxyAuthenticateModel()
+ if request.method == 'RPC_IN_DATA':
+ log.debug('IN Channel Request')
+ # Check credentials
+ retval = auth.Authenticate(request.authorization)
+ response.headers['Content-Type'] = 'application/rpc'
+ if retval == 1:
+ log.debug('Authentication failure')
+ return
+ elif request.method == 'RPC_OUT_DATA':
+ log.debug('OUT Channel Request')
+ retval = auth.Authenticate(request.authorization)
+ response.headers['Content-Type'] = 'application/rpc'
+
+ if retval == 1:
+ log.debug('Authentication failure')
+
+ return ''
+
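Review bot: An authentication failure in `index` never turns into a denial. The `RPC_IN_DATA` branch does a bare `return` after logging, and the `RPC_OUT_DATA` path only logs before reaching `return ''`, so neither sets a 401 status or a `WWW-Authenticate` challenge and the client appears to get a normal `application/rpc` response. `abort` is already imported but unused, so replacing each `log.debug('Authentication failure')` with a log line followed by `abort(401)` would make the refusal explicit. Indentation is lost in this view, so it is unclear whether the second `if retval == 1:` sits inside the `elif`. If it is at function level, `retval` is unbound for any other HTTP method, so an explicit `else: abort(405)` is worth adding as well.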
self.__get_option(section, 'filter', 'auth', None, '(cn=%s)')
self.__get_option(section, 'attrs', 'auth', None, '*')
+ def __parse_rpcproxy(self):
+ self.__get_section('rpcproxy:ldap')
+ self.__get_option('rpcproxy:ldap', 'host', 'rpcproxy', 'ldap_host')
+ self.__get_option('rpcproxy:ldap', 'port', 'rpcproxy', 'ldap_port')
+ self.__get_option('rpcproxy:ldap', 'basedn', 'rpcproxy', 'ldap_basedn')
+
def load(self):
"""Load the configuration file.
"""
self.__parse_main()
self.__parse_auth()
+ self.__parse_rpcproxy()
return self.d
--- /dev/null
+import ldap
+import logging
+from pylons import config
+
+from base64 import urlsafe_b64encode as encode
+from base64 import urlsafe_b64decode as decode
+
+log = logging.getLogger(__name__)
+
+class RPCProxyAuthenticateModel:
+
+ def __init__(self):
+ self.basic = {}
+ self.basic["username"] = None
+ self.basic["password"] = None
+ self.ntlmssp = None
+ self.auth_type = None
+ self.ldap = {}
+ self.ldap['host'] = config['ocsmanager']['rpcproxy']['ldap_host']
+ self.ldap['post'] = config['ocsmanager']['rpcproxy']['ldap_port']
+ self.ldap['basedn'] = config['ocsmanager']['rpcproxy']['ldap_basedn']
+
+ return
+
+ def Authenticate(self, auth):
+ """ Authenticate user depending on the authentication type.
+ Return 0 on success otherwise 1.
+ """
+ if auth is None or len(auth) != 2:
+ return 1
+
+ if auth[0] == 'Basic':
+ return self.AuthenticateBasic(auth[1])
+ elif auth[0] == 'NTLM':
+ return self.AuthenticateNTLM(auth[1])
+ else:
+ return 1
+
+ def AuthenticateBasic(self, payload):
+ """ Implement Basic authentication scheme support.
+ """
+ blob = decode(payload)
+ credentials = blob.split(':')
+ if len(credentials[0].split('\\')) == 2:
+ username = credentials[0].split('\\')[1]
+ else:
+ username = credentials[0]
+
+ try:
+ l = ldap.open(self.ldap['host'])
+ l.protocol_version = ldap.VERSION3
+ username = 'CN=%s,%s' % (username, self.ldap['basedn'])
+ password = credentials[1]
+ l.simple_bind(username, password)
+ except ldap.LDAPError, e:
+ log.debug(e)
+ return 1
+
+ return 0
+
+ def AuthenticateNTLM(self, payload):
+ """ Implement NTLM authentication scheme support.
+ """
+ return 1
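Review bot: `AuthenticateBasic` calls `l.simple_bind(...)`, which in python-ldap is the asynchronous form: it returns a message id and does not raise on bad credentials, so as written the method returns 0 whenever the server is reachable. It should use `simple_bind_s` (or wait on `result()`) so that a rejected bind reaches the `except ldap.LDAPError` path. An empty password should also be refused before binding, since many directory servers treat it as an unauthenticated bind and report success. Further points in the same method: `blob.split(':')` truncates passwords containing `:` and raises `IndexError` when there is no colon, the username is interpolated into the bind DN unescaped (`ldap.dn.escape_dn_chars` needs `import ldap.dn`), and the connection is never unbound. In `__init__` the port is stored under `self.ldap['post']` and never used, so the configured `port` has no effect.

```python
    def AuthenticateBasic(self, payload):
        # … unchanged: docstring …
        try:
            blob = decode(payload)
        except TypeError:
            # Malformed base64 is a failed login, not a server error.
            return 1
        # Split on the first ':' only; the password may itself contain ':'.
        credentials = blob.split(':', 1)
        # An empty password would be an unauthenticated bind on many servers.
        if len(credentials) != 2 or not credentials[1]:
            return 1
        # … unchanged: DOMAIN\user handling that sets username …
        try:
            l = ldap.open(self.ldap['host'])
            l.protocol_version = ldap.VERSION3
            bind_dn = 'CN=%s,%s' % (ldap.dn.escape_dn_chars(username),
                                    self.ldap['basedn'])
            # Synchronous bind: raises ldap.LDAPError on rejected credentials.
            l.simple_bind_s(bind_dn, credentials[1])
            l.unbind_s()
        except ldap.LDAPError, e:
            # … unchanged: log and return 1 …
```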
--- /dev/null
+from ocsmanager.tests import *
+
+class TestRpcproxyController(TestController):
+
+ def test_index(self):
+ response = self.app.get(url(controller='rpcproxy', action='index'))
+ # Test response...