Commit Graph

9 Commits

Author SHA1 Message Date
Stanislav Levin
c1f7a14c95 Fix some untranslatable commands in Web UI API Browser
There are some missing translatable docstrings of commands and modules.

Fixes: https://pagure.io/freeipa/issue/7592
Reviewed-By: Tibor Dudlak <tdudlak@redhat.com>
2018-06-21 18:42:05 +02:00
Stanislav Levin
f5a04da95d Fix translation of commands description in API Browser
The command description is taken from python docstring. Thus
commands should have them and should include the callings of
gettext to be translated.

Reviewed-By: Christian Heimes <cheimes@redhat.com>
2018-06-12 08:38:56 +02:00
Jan Cholasta
ffadcb0414 logging: remove object-specific loggers
Remove all object-specific loggers, with the exception of `Plugin.log`,
which is now deprecated. Replace affected logger calls with module-level
logger calls.

Deprecate object-specific loggers in `ipa_log_manager.get_logger`.

Reviewed-By: Martin Basti <mbasti@redhat.com>
2017-07-14 15:55:59 +02:00
Simo Sorce
908d2eaba4 Fix session logout
There were 2 issues with session logouts, one is that the logout_cookie
was checked and acted on in the wrong place, the other is that the wrong
value was set in the IPASESSION header.

Fixes https://fedorahosted.org/freeipa/ticket/6685

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
2017-02-22 10:15:50 +01:00
Simo Sorce
b895f4a34b Change session logout to kill only the cookie
Removing the ccache goes too far as it will cause unrelated sessions to
fail as well, this is a problem for accounts used to do unattended
operations and that may operate in parallel.

Fixes https://fedorahosted.org/freeipa/ticket/6682

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2017-02-17 09:57:23 +01:00
Simo Sorce
c894ebefc5 Change session handling
Stop using memcache, use mod_auth_gssapi filesystem based ccaches.
Remove custom session handling, use mod_auth_gssapi and mod_session to
establish and keep a session cookie.
Add loopback to mod_auth_gssapi to do form absed auth and pass back a
valid session cookie.
And now that we do not remove ccaches files to move them to the
memcache, we can avoid the risk of pollutting the filesystem by keeping
a common ccache file for all instances of the same user.

https://fedorahosted.org/freeipa/ticket/5959

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
2017-02-15 07:13:37 +01:00
Jan Cholasta
a901ec1ce9 session: do not initialize session manager on import
Removes the side effect of attempting to connect to memcached when the
session module is imported, which caused user visible warnings and/or
SELinux AVC denials.

https://fedorahosted.org/freeipa/ticket/5988

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
2016-06-30 14:09:24 +02:00
Jan Cholasta
dcf8b47471 session: move the session module from ipalib to ipaserver
The module is used only on the server, so there's no need to have it in
ipalib, which is shared by client and server.

https://fedorahosted.org/freeipa/ticket/5988

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
2016-06-30 14:09:24 +02:00
Jan Cholasta
6e44557b60 ipalib: move server-side plugins to ipaserver
Move the remaining plugin code from ipalib.plugins to ipaserver.plugins.

Remove the now unused ipalib.plugins package.

https://fedorahosted.org/freeipa/ticket/4739

Reviewed-By: David Kupka <dkupka@redhat.com>
2016-06-03 09:00:34 +02:00