ia64/xen-unstable

view tools/python/xen/xend/XendAuthSessions.py @ 19848:5839491bbf20

[IA64] replace MAX_VCPUS with d->max_vcpus where necessary.

don't use MAX_VCPUS, and use vcpu::max_vcpus.
The changeset of 2f9e1348aa98 introduced max_vcpus to allow more vcpus
per guest. This patch is ia64 counter part.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
author Isaku Yamahata <yamahata@valinux.co.jp>
date Mon Jun 29 11:26:05 2009 +0900 (2009-06-29)
parents cf3cf0d1b175
children
line source
1 #============================================================================
2 # This library is free software; you can redistribute it and/or
3 # modify it under the terms of version 2.1 of the GNU Lesser General Public
4 # License as published by the Free Software Foundation.
5 #
6 # This library is distributed in the hope that it will be useful,
7 # but WITHOUT ANY WARRANTY; without even the implied warranty of
8 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
9 # Lesser General Public License for more details.
10 #
11 # You should have received a copy of the GNU Lesser General Public
12 # License along with this library; if not, write to the Free Software
13 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
14 #============================================================================
15 # Copyright (C) 2006 XenSource Ltd.
16 #============================================================================
18 import time
20 from xen.xend import uuid
21 from xen.xend.XendError import *
22 from xen.xend.XendLogging import log
24 class XendAuthSessions:
25 """Keeps track of Xen API Login Sessions using PAM.
27 Note: Login sessions are not valid across instances of Xend.
28 """
29 def __init__(self):
30 self.sessions = {}
32 def init(self):
33 pass
35 def login_unconditionally(self, username):
36 """Returns a session UUID if valid.
38 @rtype: string
39 @return: Session UUID
40 """
41 new_session = uuid.createString()
42 self.sessions[new_session] = (username, time.time())
43 return new_session
45 def login_with_password(self, username, password):
46 """Returns a session UUID if valid, otherwise raises an error.
48 @raises XendError: If login fails.
49 @rtype: string
50 @return: Session UUID
51 """
52 if self.is_authorized(username, password):
53 return self.login_unconditionally(username)
55 raise XendError("Login failed")
57 def logout(self, session):
58 """Delete session of it exists."""
59 if self.is_session_valid(session):
60 del self.sessions[session]
62 def is_session_valid(self, session):
63 """Returns true is session is valid."""
64 if type(session) == type(str()):
65 return (session in self.sessions)
66 return False
68 def is_authorized(self, username, password):
69 """Returns true is a user is authorised via PAM.
71 Note: We use the 'login' PAM stack rather than inventing
72 our own.
74 @rtype: boolean
75 """
76 pam_auth = None
77 try:
78 import PAM
79 pam_auth = PAM.pam()
80 except ImportError:
81 log.warn("python-pam is required for XenAPI support.")
82 return False
83 except NameError:
84 # if PAM doesn't exist, let's ignore it
85 return False
87 pam_auth.start("login")
88 pam_auth.set_item(PAM.PAM_USER, username)
90 def _pam_conv(auth, query_list, user_data = None):
91 resp = []
92 for i in range(len(query_list)):
93 query, qtype = query_list[i]
94 if qtype == PAM.PAM_PROMPT_ECHO_ON:
95 resp.append((username, 0))
96 elif qtype == PAM.PAM_PROMPT_ECHO_OFF:
97 resp.append((password, 0))
98 else:
99 return None
100 return resp
102 pam_auth.set_item(PAM.PAM_CONV, _pam_conv)
104 try:
105 pam_auth.authenticate()
106 pam_auth.acct_mgmt()
107 except PAM.error, resp:
108 return False
109 except Exception, e:
110 log.warn("Error with PAM: %s" % str(e))
111 return False
112 else:
113 return True
115 def get_user(self, session):
116 try:
117 return self.sessions[session][0]
118 except (KeyError, IndexError):
119 return None
122 def instance():
123 """Singleton constructor. Use this instead of the class constructor.
124 """
125 global inst
126 try:
127 inst
128 except:
129 inst = XendAuthSessions()
130 inst.init()
131 return inst