Revert "1) Added support for Kerberos authentication, using SPNEGO to forward the Kerberos tickets through a browser. Fixes #5457"

This reverts commit 6ead597b43.
2025-02-25 18:55:31 -06:00 · 2021-01-14 14:46:59 +05:30
parent 6ead597b43
commit f0debdd513
22 changed files with 40 additions and 474 deletions
--- a/web/pgadmin/browser/init.py
+++ b/web/pgadmin/browser/init.py
@@ -29,7 +29,7 @@ from flask_security.recoverable import reset_password_token_status, \
    generate_reset_password_token, update_password
 from flask_security.signals import reset_password_instructions_sent
 from flask_security.utils import config_value, do_flash, get_url, \
-    get_message, slash_url_suffix, login_user, send_mail, logout_user
+    get_message, slash_url_suffix, login_user, send_mail
 from flask_security.views import _security, _commit, _ctx
 from werkzeug.datastructures import MultiDict

@@ -47,8 +47,7 @@ from pgadmin.utils.master_password import validate_master_password, \
    set_masterpass_check_text, cleanup_master_password, get_crypt_key, \
    set_crypt_key, process_masterpass_disabled
 from pgadmin.model import User
-from pgadmin.utils.constants import MIMETYPE_APP_JS, PGADMIN_NODE,\
-    INTERNAL, KERBEROS
+from pgadmin.utils.constants import MIMETYPE_APP_JS, PGADMIN_NODE

 try:
    from flask_security.views import default_render_json
@@ -281,8 +280,7 @@ class BrowserModule(PgAdminModule):
                'browser.check_master_password',
                'browser.set_master_password',
                'browser.reset_master_password',
-                'browser.lock_layout'
-                ]
+                'browser.lock_layout']


 blueprint = BrowserModule(MODULE_NAME, __name__)
@@ -541,12 +539,6 @@ class BrowserPluginModule(PgAdminModule):


 def _get_logout_url():
-    if config.SERVER_MODE and\
-            session['_auth_source_manager_obj']['current_source'] == \
-            KERBEROS:
-        return '{0}?next={1}'.format(url_for(
-            'authenticate.kerberos_logout'), url_for(BROWSER_INDEX))
-
    return '{0}?next={1}'.format(
        url_for('security.logout'), url_for(BROWSER_INDEX))

@@ -672,18 +664,13 @@ def index():
    auth_only_internal = False
    auth_source = []

-    session['allow_save_password'] = True
-
    if config.SERVER_MODE:
        if len(config.AUTHENTICATION_SOURCES) == 1\
-                and INTERNAL in config.AUTHENTICATION_SOURCES:
+                and 'internal' in config.AUTHENTICATION_SOURCES:
            auth_only_internal = True
        auth_source = session['_auth_source_manager_obj'][
            'source_friendly_name']

-        if session['_auth_source_manager_obj']['current_source'] == KERBEROS:
-            session['allow_save_password'] = False
-
    response = Response(render_template(
        MODULE_NAME + "/index.html",
        username=current_user.username,
@@ -1099,7 +1086,7 @@ if hasattr(config, 'SECURITY_RECOVERABLE') and config.SECURITY_RECOVERABLE:
            # Check the Authentication source of the User
            user = User.query.filter_by(
                email=form.data['email'],
-                auth_source=INTERNAL
+                auth_source=current_app.PGADMIN_DEFAULT_AUTH_SOURCE
            ).first()

            if user is None: