Package proxy :: Module rhnProxyAuth :: Class ProxyAuth
[hide private]
[frames] | no frames]

Class ProxyAuth

source code

Instance Methods [hide private]
 
__init__(self, hostname) source code
 
__processSystemid(self)
update the systemid/serverid but only if they stat differently.
source code
 
get_system_id(self)
return the system id
source code
 
check_cached_token(self, forceRefresh=0)
check cache, login if need be, and cache.
source code
 
get_cached_token(self)
Fetches this proxy's token (or None) from the cache
source code
 
set_cached_token(self, token)
Caches current token in the auth cache.
source code
 
del_cached_token(self)
Removes the token from the cache
source code
 
login(self)
Login and fetch new token (proxy token).
source code
 
update_client_token_if_valid(self, clientid, token) source code
 
__cache_proxy_key(self) source code
 
getProxyServerId(self) source code
Static Methods [hide private]
 
get_client_token(clientid) source code
 
set_client_token(clientid, token) source code
 
__getXmlrpcServer()
get an xmlrpc server object
source code
Class Variables [hide private]
  __serverid = None
hash(x)
  __systemid = None
hash(x)
  __systemid_mtime = None
hash(x)
  __systemid_filename = u'/etc/sysconfig/rhn/systemid'
  __nRetries = 3
  hostname = None
hash(x)
Method Details [hide private]

__processSystemid(self)

source code 

update the systemid/serverid but only if they stat differently. returns 0=no updates made; or 1=updates were made

login(self)

source code 
Login and fetch new token (proxy token).

How it works in a nutshell.
Only the broker component uses this. We perform a xmlrpc request
to rhn_parent. This occurs outside of the http process we are
currently working on. So, we do this all on our own; do all of
our own SSL decisionmaking etc. We use CFG.RHN_PARENT as we always
bypass the SSL redirect.

DESIGN NOTES:  what is the proxy auth token?
-------------------------------------------
An Spacewalk Proxy auth token is a token fetched upon login from
Red Hat Satellite or hosted.

It has this format:
   'S:U:ST:EO:SIG'
Where:
   S   = server ID
   U   = username
   ST  = server time
   EO  = expiration offset
   SIG = signature
   H   = hostname (important later)

Within this function within the Spacewalk Proxy Broker we also tag on
the hostname to the end of the token. The token as described above
is enough for authentication purposes, but we need a to identify
the exact hostname (as the Spacewalk Proxy sees it). So now the token
becomes (token:hostname):
   'S:U:ST:EO:SIG:H'

DESIGN NOTES:  what is X-RHN-Proxy-Auth?
-------------------------------------------
This is where we use the auth token beyond Spacewalk Proxy login
purposes. This a header used to track request routes through
a hierarchy of RHN Proxies.

X-RHN-Proxy-Auth is a header that passes proxy authentication
information around in the form of an ordered list of tokens. This
list is used to gain information as to how a client request is
routed throughout an RHN topology.

Format: 'S1:U1:ST1:EO1:SIG1:H1,S2:U2:ST2:EO2:SIG2:H2,...'
         |_________1_________| |_________2_________| |__...
                 token                 token
         where token is really: token:hostname

leftmost token was the first token hit by a client request.
rightmost token was the last token hit by a client request.

__getXmlrpcServer()
Static Method

source code 
get an xmlrpc server object

WARNING: if CFG.USE_SSL is off, we are sending info
         in the clear.