version 1.1, 2004/05/14 09:52:04
|
version 1.2, 2006/07/05 12:38:21
|
Line 3
|
Line 3
|
import Globals |
import Globals |
from AccessControl.User import UserFolder |
from AccessControl.User import UserFolder |
from Globals import MessageDialog |
from Globals import MessageDialog |
|
import zLOG |
|
import re |
|
|
class IntranetUserFolder(UserFolder): |
class IntranetUserFolder(UserFolder): |
"""User folder for Intranet""" |
"""User folder for Intranet""" |
Line 10 class IntranetUserFolder(UserFolder):
|
Line 12 class IntranetUserFolder(UserFolder):
|
meta_type="IntranetUserFolder" |
meta_type="IntranetUserFolder" |
|
|
def authenticate(self, name, password, request): |
def authenticate(self, name, password, request): |
|
"""modified authenticate to use domainspecmath below""" |
|
#zLOG.LOG('IntranetUserFolder',zLOG.INFO,"authenticate %s, %s from %s"%(name,password,request['REMOTE_ADDR'])) |
|
|
emergency = self._emergency_user |
emergency = self._emergency_user |
if name is None: |
if name is None: |
return None |
return None |
Line 18 class IntranetUserFolder(UserFolder):
|
Line 23 class IntranetUserFolder(UserFolder):
|
else: |
else: |
user = self.getUser(name) |
user = self.getUser(name) |
if user is not None and user.authenticate(password, request): |
if user is not None and user.authenticate(password, request): |
|
domains = user.getDomains() |
|
if self.domainSpecMatch(domains, request): |
|
#zLOG.LOG('IntranetUserFolder',zLOG.INFO," as %s"%user) |
return user |
return user |
else: |
|
|
#zLOG.LOG('IntranetUserFolder',zLOG.INFO," failed!") |
return None |
return None |
|
|
def domainSpecMatch(self,spec, request): |
def domainSpecMatch(self,spec, request): |
|
"""modified domainspecmatch to look at FORWARDED_FOR""" |
|
#zLOG.LOG('IntranetUserFolder',zLOG.INFO,"domainspecmatch %s, %s"%(self,spec)) |
host='' |
host='' |
addr='' |
addr='' |
|
|
|
|
# Fast exit for the match-all case |
# Fast exit for the match-all case |
if len(spec) == 1 and spec[0] == '*': |
if len(spec) == 1 and spec[0] == '*': |
return 1 |
return 1 |
Line 33 class IntranetUserFolder(UserFolder):
|
Line 45 class IntranetUserFolder(UserFolder):
|
if request.has_key('REMOTE_HOST'): |
if request.has_key('REMOTE_HOST'): |
host=request['REMOTE_HOST'] |
host=request['REMOTE_HOST'] |
|
|
if request.has_key('REMOTE_ADDR'): |
addr=request.getClientAddr() |
addr=request['REMOTE_ADDR'] |
#if request.has_key('REMOTE_ADDR'): |
|
# addr=request['REMOTE_ADDR'] |
|
|
if request.has_key('HTTP_X_FORWARDED_FOR'): |
if request.has_key('HTTP_X_FORWARDED_FOR'): |
addr=request['HTTP_X_FORWARDED_FOR'] |
addr=request['HTTP_X_FORWARDED_FOR'] |
|
#zLOG.LOG('IntranetUserFolder',zLOG.INFO,"forwarded addr: %s"%(addr)) |
|
# check for strange headers (may be fake) |
|
if len(addr.split('.')) != 4: |
|
zLOG.LOG('IntranetUserFolder',zLOG.WARNING,"invalid forward addr: %s"%(addr)) |
|
return 0 |
|
|
if not host and not addr: |
if not host and not addr: |
return 0 |
return 0 |
Line 50 class IntranetUserFolder(UserFolder):
|
Line 67 class IntranetUserFolder(UserFolder):
|
try: addr=socket.gethostbyname(host) |
try: addr=socket.gethostbyname(host) |
except: pass |
except: pass |
|
|
|
|
_host=host.split('.') |
_host=host.split('.') |
_addr=addr.split('.') |
_addr=addr.split('.') |
_hlen=len(_host) |
_hlen=len(_host) |
_alen=len(_addr) |
_alen=len(_addr) |
|
|
|
#zLOG.LOG('IntranetUserFolder',zLOG.INFO,"host: %s, addr: %s"%(_host,_addr)) |
|
|
for ob in spec: |
for ob in spec: |
sz=len(ob) |
sz=len(ob) |
_ob=ob.split('.') |
_ob=ob.split('.') |
Line 99 class IntranetUserFolder(UserFolder):
|
Line 117 class IntranetUserFolder(UserFolder):
|
Globals.default__class_init__(IntranetUserFolder) |
Globals.default__class_init__(IntranetUserFolder) |
|
|
|
|
|
|
def manage_addIntranetUserFolder(self,dtself=None,REQUEST=None,**ignored): |
def manage_addIntranetUserFolder(self,dtself=None,REQUEST=None,**ignored): |
"""add a user folder """ |
"""add a user folder """ |
f=IntranetUserFolder() |
f=IntranetUserFolder() |
Line 116 def manage_addIntranetUserFolder(self,dt
|
Line 133 def manage_addIntranetUserFolder(self,dt
|
def manage_addIntranetUserFolderForm(self): |
def manage_addIntranetUserFolderForm(self): |
"""add a user folder form""" |
"""add a user folder form""" |
return manage_addIntranetUserFolder(self,REQUEST=self.REQUEST) |
return manage_addIntranetUserFolder(self,REQUEST=self.REQUEST) |
|
|
|
addr_match=re.compile(r'((\d{1,3}\.){1,3}\*)|((\d{1,3}\.){3}\d{1,3})').match |
|
host_match=re.compile(r'(([\_0-9a-zA-Z\-]*\.)*[0-9a-zA-Z\-]*)').match |