4 Changes kerberos password via web interface.
6 The application is supposed to run on cherrypy+genshi stack.
9 # Import CherryPy global namespace
11 from genshi
.template
import TemplateLoader
20 Root request handler class.
26 self
.realm
= "CDTEL.LOCAL"
27 self
.page_title
= "kpasswd form!"
31 'text' : "Error, password not chaged!",
35 'text' : "New passwords do not match!",
39 'text' : "Principal invalid!",
43 'text' : "Realm invalid!",
47 'text' : "New password is too short!",
51 'text' : "New password is invalid!",
55 'text' : "Password changed sucessfully.",
56 'type' : "greenmessage"
60 self
.logger
= logging
.getLogger(self
.__class
__.__name
__)
61 self
.logger
.setLevel(logging
.INFO
)
62 ch
= logging
.StreamHandler()
63 ch
.setFormatter(logging
.Formatter("%(asctime)s - %(name)s - %(levelname)s - %(message)s"))
64 self
.logger
.addHandler(ch
)
66 def kpasswd(self
, message
="none", *another
):
68 WebKpasswd form renderer
71 'title' : self
.page_title
,
72 'message' : self
.messages
.get(message
,''),
75 return loader
.load('kpasswd.html').generate(genparams
=genshiparams
).render('html', doctype
='html')
80 newpass
="newpass", newpassv
="notthesamepass",
84 Main algorithm for changing password.
85 It also does some input checking.
87 if cherrypy
.request
.method
== 'POST':
89 if len(principal
) < 1:
90 self
.raise_message(principal
, "princerror")
92 if not newpass
== newpassv
:
93 self
.raise_message(principal
, "nomatch")
95 self
.raise_message(principal
, "newpassshort")
97 if len(principal
.split("@")) < 2:
99 principal
+= "@"+trealm
101 trealm
= principal
.split("@")[1]
103 self
.raise_message(principal
, "realmerror", trealm
)
107 ret
= kadm
.krb5_chpass_principal(
110 trealm
, "kadmin/cdtel00pceux509.uxkdc.cdtel.cz")
114 self
.raise_message(principal
, "notchanged", trealm
)
116 self
.raise_message(principal
, "success", trealm
)
117 # if there is no POST, return to main page
118 raise cherrypy
.HTTPRedirect(self
.prefix
+"kpasswd")
120 kpasswd
.exposed
= True
121 kpasswdf
.exposed
= True
123 def default(self
, *another
):
125 This method redirects all the 'unknown' requests to the /kpasswd
127 raise cherrypy
.HTTPRedirect(self
.prefix
+"kpasswd")
129 default
.exposed
= True
131 def raise_message(self
, principal
, message
, realm
=""):
133 Logs message to the console and redirects to the main page with message
136 self
.logger
.info(self
.messages
.get(message
)['text']+" principal:"+principal
+", realm:"+realm
)
137 raise cherrypy
.HTTPRedirect(self
.prefix
+"kpasswd?message="+message
)
139 self
.logger
.info(self
.messages
.get(message
)['text']+" principal:"+principal
)
140 raise cherrypy
.HTTPRedirect(self
.prefix
+"kpasswd?message="+message
)
144 current_dir
= os
.path
.dirname(__file__
)
145 kdcconf
= os
.path
.join(current_dir
, 'webkpasswd.conf')
146 loader
= TemplateLoader('templates', auto_reload
=True)
148 if __name__
== '__main__':
149 cherrypy
.quickstart(WebKpasswd(), config
=kdcconf
)
151 # This branch is for the test suite; you can ignore it.
152 cherrypy
.tree
.mount(WebKpasswd(), config
=kdcconf
)