ganeti.http.auth.HttpServerRequestAuthentication

class documentation

class HttpServerRequestAuthentication(object):

Known subclasses: ganeti.server.rapi.RemoteApiHandler

Undocumented

Method	`Authenticate`	Checks the password for a user.
Method	`AuthenticationRequired`	Determines whether authentication is required for a request.
Method	`GetAuthRealm`	Returns the authentication realm for a request.
Method	`PreHandleRequest`	Called before a request is handled.
Method	`VerifyBasicAuthPassword`	Checks the password for basic authentication.
Constant	`AUTH_REALM`	Undocumented
Method	`_CheckAuthorization`	Checks 'Authorization' header sent by client.
Method	`_CheckBasicAuthorization`	Checks credentials sent for basic authentication.
Constant	`_CLEARTEXT_SCHEME`	Undocumented
Constant	`_HA1_SCHEME`	Undocumented

def Authenticate(self, req, user, password): ¶

overridden in ganeti.server.rapi.RemoteApiHandler

Checks the password for a user.

This function MUST be overridden by a subclass.

def AuthenticationRequired(self, req): ¶

overridden in ganeti.server.rapi.RemoteApiHandler

Determines whether authentication is required for a request.

To enable authentication, override this function in a subclass and return True. AUTH_REALM must be set.

Parameters
req:`http.server._HttpServerRequest`	HTTP request context

def GetAuthRealm(self, req): ¶

Returns the authentication realm for a request.

May be overridden by a subclass, which then can return different realms for different paths.

Parameters
req:`http.server._HttpServerRequest`	HTTP request context
Returns
string	Authentication realm

def PreHandleRequest(self, req): ¶

Called before a request is handled.

Parameters
req:`http.server._HttpServerRequest`	HTTP request context

def VerifyBasicAuthPassword(self, req, username, password, expected): ¶

Checks the password for basic authentication.

As long as they don't start with an opening brace ("{"), old passwords are supported. A new scheme uses H(A1) from RFC2617, where H is MD5 and A1 consists of the username, the authentication realm and the actual password.

Parameters
req:`http.server._HttpServerRequest`	HTTP request context
username:string	Username from HTTP headers
password:string	Password from HTTP headers
expected:string	Expected password with optional scheme prefix (e.g. from users file)

AUTH_REALM: str = ¶

overridden in ganeti.server.rapi.RemoteApiHandler

Undocumented

Value

'Unspecified'

def _CheckAuthorization(self, req): ¶

Checks 'Authorization' header sent by client.

Parameters
req:`http.server._HttpServerRequest`	HTTP request context
Returns
bool	Whether user is allowed to execute request

def _CheckBasicAuthorization(self, req, in_data): ¶

Checks credentials sent for basic authentication.

Parameters
req:`http.server._HttpServerRequest`	HTTP request context
in_data:str	Username and password encoded as Base64
Returns
bool	Whether user is allowed to execute request

_CLEARTEXT_SCHEME: str = ¶

Undocumented

Value

'{CLEARTEXT}'

_HA1_SCHEME: str = ¶

Undocumented

Value

'{HA1}'