IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-30 10:47:08 -06:00
Code Issues Packages Projects Releases Wiki Activity
94f362d7b0
freeipa/ipaserver/plugins
History
Alexander Bokovoy 381c1c7a8f add whoami command 
Whoami command allows to query details about currently
authenticated identity. The command returns following information:

  * object class name
  * function to call to get actual details about the object
  * arguments to pass to the function

There are five types of objects that could bind to IPA using their
credentials. `ipa whoami` call expects one of the following:

  * users
  * staged users
  * hosts
  * Kerberos services
  * ID user override from the default trust view

The latter category of objects is automatically mapped by SASL GSSAPI
mapping rule in 389-ds for users from trusted Active Directory forests.

The command is expected to be used by Web UI to define proper view for
the authenticated identity. It is not visible in the command line
interface is `ipa` command.

Below is an example of how communication looks like for a host
principal:

   # kinit -k
   # ipa console
   (Custom IPA interactive Python console)
   >>> api.Command.whoami()
   {u'command': u'host_show/1', u'object': u'host', u'arguments': (u'ipa.example.com',)}
   >>>

Fixes https://pagure.io/freeipa/issue/6643

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
2017-03-09 14:10:02 +01:00
..
__init__.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
aci.py wrap long line 2016-11-25 16:18:22 +01:00
automember.py allow 'value' output param in commands without primary key 2016-07-20 13:57:01 +02:00
automount.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
baseldap.py py3: get_memberofindirect: fix ByteWarnings 2017-02-08 15:41:39 +01:00
baseuser.py Support for Certificate Identity Mapping 2017-03-02 15:09:42 +01:00
batch.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
ca.py ca: correctly authorise ca-del, ca-enable and ca-disable 2017-02-28 14:30:23 +00:00
caacl.py Remove redundant principal_type argument 2017-03-03 12:09:57 +01:00
cert.py Add SHA256 fingerprints for certs 2017-03-07 19:52:43 +01:00
certmap.py IdM Server: list all Employees with matching Smart Card 2017-03-08 15:08:41 +01:00
certprofile.py Reuse self.api when executing ca_enabled_check 2017-01-11 15:26:20 +01:00
config.py fix missing translation string 2016-12-06 13:09:00 +01:00
delegation.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
dns.py dns: fix dnsrecord_add interactive mode 2017-03-08 15:52:41 +01:00
dnsserver.py help: Add dnsserver commands to help topic 'dns' 2016-07-22 13:52:09 +02:00
dogtag.py rabase.get_certificate: make serial number arg mandatory 2017-03-07 13:24:16 +01:00
domainlevel.py Check for conflict entries before raising domain level 2016-12-13 12:25:07 +01:00
group.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
hbac.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
hbacrule.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
hbacsvc.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
hbacsvcgroup.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
hbactest.py Remove unused variables in the code 2016-09-27 13:35:58 +02:00
host.py Add SHA256 fingerprints for certs 2017-03-07 19:52:43 +01:00
hostgroup.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
idrange.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
idviews.py add whoami command 2017-03-09 14:10:02 +01:00
internal.py WebUI: Add cermapmatch module 2017-03-08 16:22:01 +01:00
join.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
krbtpolicy.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
ldap2.py py3: remove_entry_from_group: attribute name must be string 2017-02-08 08:32:44 +01:00
location.py DNS Location: add list of roles and DNS servers to location-show 2016-06-17 18:05:03 +02:00
migration.py Fix ipa migrate-ds when it finds a search reference 2016-11-17 01:01:05 +01:00
misc.py Make env and plugins commands local again 2016-12-02 13:00:06 +01:00
netgroup.py netgroup: avoid extraneous LDAP search when retrieving primary key from DN 2016-09-09 16:27:53 +02:00
otp.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
otpconfig.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
otptoken.py do not use keys() method when iterating through dictionaries 2016-10-12 10:38:52 +02:00
passwd.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
permission.py Fix permission-find with sizelimit set 2016-12-07 13:01:58 +01:00
ping.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
pkinit.py Use Anonymous user to obtain FAST armor ccache 2017-02-15 07:13:37 +01:00
privilege.py Remove unused variables in the code 2016-09-27 13:35:58 +02:00
pwpolicy.py pwpolicy: do not run klist on import 2016-10-24 14:11:08 +02:00
rabase.py rabase.get_certificate: make serial number arg mandatory 2017-03-07 13:24:16 +01:00
radiusproxy.py prevent search for RADIUS proxy servers by secret 2016-07-21 10:49:10 +02:00
realmdomains.py ipautil: remove get_domain_name() 2016-11-29 14:50:51 +01:00
role.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
schema.py schema: Fix subtopic -> topic mapping 2016-07-15 14:02:17 +02:00
selfservice.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
selinuxusermap.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
server.py Break ipaplatform / ipalib import cycle of hell 2016-11-24 16:30:32 +01:00
serverrole.py Fix minor typos 2016-06-16 08:47:20 +02:00
serverroles.py Do not update result of *-config-show with empty server attributes 2016-06-21 13:07:24 +02:00
service.py Add SHA256 fingerprints for certs 2017-03-07 19:52:43 +01:00
servicedelegation.py Fix regexp patterns in parameters to not enforce length 2016-09-20 17:35:28 +02:00
session.py Fix session logout 2017-02-22 10:15:50 +01:00
stageuser.py Support for Certificate Identity Mapping 2017-03-02 15:09:42 +01:00
sudo.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
sudocmd.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
sudocmdgroup.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
sudorule.py sudorule: add SELinux transition examples to plugin doc 2016-09-23 14:59:43 +02:00
topology.py Fix regexp patterns in parameters to not enforce length 2016-09-20 17:35:28 +02:00
trust.py Drop use of kinit_as_http from trust code 2017-02-15 07:13:37 +01:00
user.py Support for Certificate Identity Mapping 2017-03-02 15:09:42 +01:00
vault.py Moving ipaCert from HTTPD_ALIAS_DIR 2017-03-01 09:43:41 +00:00
virtual.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
whoami.py add whoami command 2017-03-09 14:10:02 +01:00
xmlserver.py Added new authentication method 2016-08-17 16:55:49 +02:00