Hi,
I need a perspective broker with authentification and followed the Twisted
documentation on
http://twistedmatrix.com/documents/current/core/howto/tap.html#auto4 to get
the twistd plugin to work. Now I want to make it work with the /etc/shadow,
but don't know how to get it to work.
The plugin looks like:
-----------------------------------------------------------------------
from zope.interface import implements
from twisted.python import usage
from twisted.plugin import IPlugin
from twisted.application.service import IServiceMaker from
twisted.application import internet from twisted.cred import credentials,
portal, strcred from twisted.spread import pb
from qxmt.QXMTServer import QXMTUser
class Options(usage.Options, strcred.AuthOptionMixin):
# This part is optional; it tells AuthOptionMixin what
# kinds of credential interfaces the user can give us.
supportedInterfaces = (credentials.IUsernamePassword,)
optParameters = [["port", "p", 8789, "Server port number"]]
class QXMTRealm:
implements(portal.IRealm)
def requestAvatar(self, avatarId, mind, *interfaces):
if pb.IPerspective not in interfaces:
raise NotImplementedError
return pb.IPerspective, QXMTUser(avatarId), lambda: None
class QXMTServiceMaker(object):
implements(IServiceMaker, IPlugin)
tapname = "qxmt"
description = "The QXtend remote error processing tool."
options = Options
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in qxmt.
"""
p = portal.Portal(QXMTRealm(), options["credCheckers"])
#c = checkers.InMemoryUsernamePasswordDatabaseDontUse(user1="pass1",
#p.registerChecker(c)
return internet.TCPServer(int(options['port']),
pb.PBServerFactory(p))
serviceMaker = QXMTServiceMaker()
-----------------------------------------------------------------------
Running twistd qxmt --help-auth gives
Usage: --auth AuthType[:ArgString]
For detailed help: --help-auth-type AuthType
AuthType ArgString format
======== ================
memory A colon-separated list (name:password:...)
file Location of a FilePasswordDB-formatted file.
unix No argstring required.
And twistd qxmt --help-auth-type unix gives
Usage: --auth unix[:ArgString]
ArgString format: No argstring required.
This checker will attempt to use every resource available to
authenticate against the list of users on the local UNIX system.
(This does not support Windows servers for very obvious reasons.)
Right now, this includes support for:
* Python's pwd module (which checks /etc/passwd)
* Python's spwd module (which checks /etc/shadow)
Future versions may include support for PAM authentication.
So, I guess the server now should be able to use the system's shadow
passwords for authentification.
As a client I used with the InMemoryUsernamePasswordDatabaseDontUse checker
the following code.
-----------------------------------------------------------------------
#!/usr/bin/env python
# Copyright (c) 2009 Twisted Matrix Laboratories.
# See LICENSE for details.
from twisted.spread import pb
from twisted.internet import reactor
from twisted.cred import credentials
def main():
factory = pb.PBClientFactory()
reactor.connectTCP("localhost", 8789, factory)
def1 = factory.login(credentials.UsernamePassword("user1", "pass1"))
def1.addCallback(connected)
reactor.run()
def connected(perspective):
print "got perspective1 ref:", perspective
print "asking it to foo(13)"
perspective.callRemote("foo", 13)
main()
-----------------------------------------------------------------------
How to rewrite the client to make it work with --auth=unix ?
Thanks,
Frans
_______________________________________________
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
