Endian banner

Navigation

endian.authentication.handlers package

Submodules

endian.authentication.handlers.acct module

class EndianAuthenticationLayerAccounting(eal)

Bases: object

ACTIONS = ['open_session', 'close_session', 'list_open_sessions']
close_session(username, scope, session_id=None, **argv)

This function is used to indicate that an authenticated session has ended. The session should have been created with a call to open_session.

Parameters:
  • username (string) – username
  • scope (string) – a scope name
  • session_id (string) – optional session id (default = username)
list_open_sessions(username=None, scope=None, **argv)

List the open sessions.

Parameters:
  • username (string) – an optional username
  • scope (string) – an optional scope scope name
open_session(username, scope, local=None, remote=None, session_id=None, **argv)

Sets up a user session for a previously successful authenticated user. The session should later be terminated with a call to close_session.

Parameters:
  • username (string) – username
  • scope (string) – a scope name
  • local (string) – optional local IP address
  • remote (string) – optional remote IP address
  • session_id (string) – optional session id (default = username)

endian.authentication.handlers.ca module

class CAConfigItem(i=0, name='', subject='')

Bases: object

class EndianCertificateAuthority(eal)

Bases: object

ACTIONS = ['create_certificate', 'create_certificate_authority', 'revoke_certificate', 'verify_certificate', 'sign_certificate_request', 'create_hash_symlink', 'create_ca_hash_symlink', 'create_crl_hash_symlink', 'generate_crl', 'update_index']

Create the CA certificate hash symlink used by openssl

Parameters:cert_name (string) – CA Certificate name
create_certificate(cert_name, cert_email='', cert_ou='', cert_organization='', cert_city='', cert_state='', cert_country='', cert_subjectaltname='', cert_password='', cert_days='', cert_filename='', cert_type='', cert_comment='', cert_start_date='', **argv)

Create a new certificate

Parameters:
  • cert_name (string) – CN = CommonName
  • cert_email – Email address
  • cert_organization (string) – OU = Organization Unit typically certificate type
  • cert_city (string) – L = Locality; generally - city
  • cert_state (string) – ST = state or province
  • cert_country (string) – C = ISO3166 two character country code
  • cert_subjectaltname (string) –
  • cert_password (string) – certificate password
  • cert_days (string or int) – default certificate validity in days
  • cert_filename (string) – certificate file name (equals to cert_name if empty)
  • cert_type (string) – optional certificate type (check CERT_TYPE_OPTIONS for valid options)
  • cert_comment (string) – optional comment
  • cert_start_date (string in YYMMDDHHMMSSZ format) – optional certificate validity notBefore
create_certificate_authority(cert_name, cert_email='', cert_ou='', cert_organization='', cert_city='', cert_state='', cert_country='', cert_subjectaltname='', cert_days='', cert_filename='', **argv)

Create a new certificate

Parameters:
  • cert_name (string) – CN = CommonName
  • cert_email – Email address
  • cert_organization (string) – OU = Organization Unit typically certificate type
  • cert_city (string) – L = Locality; generally - city
  • cert_state (string) – ST = state or province
  • cert_country (string) – C = ISO3166 two character country code
  • cert_subjectaltname (string) –
  • cert_days (string or int) – default certificate validity in days
  • cert_filename (string) – certificate file name (equals to cert_name if empty)

Create the CRL hash symlink used by openssl

Parameters:cert_name (string) – CRL name

Create the certificate hash symlink used by openssl

Parameters:cert_name (string) – Certificate name
generate_crl()

Generate/regenerate the CRL file

revoke_certificate(cert_name, **argv)

Revoke and delete a certificate (the certificates issued by other CAs are only deleted, not revoked)

Parameters:cert_name (string) – Certificate name
sign_certificate_request(cert_name, cert_subjectaltname='', cert_password='', cert_days='', cert_filename='', cert_type='', cert_comment='', cert_start_date='', revoke_old_certificate=False, **argv)

Sign a certificate request

Parameters:
  • cert_name (string) – CN = CommonName
  • cert_subjectaltname (string) –
  • cert_password (string) – certificate password
  • cert_days (string or int) – default certificate validity in days
  • cert_type (string) – optional certificate type (check CERT_TYPE_OPTIONS for valid options)
  • cert_comment (string) – optional comment
  • cert_start_date (string in YYMMDDHHMMSSZ format) – optional certificate validity notBefore
  • revoke_old_certificate (boolean) – revoke the old certificate if exist
update_index()

Checks index.txt for expired certificates and mark them

verify_certificate(cert_name, **argv)

Verify a certificate

Parameters:cert_name (string) – Certificate name

Module contents

get_handlers()

Table Of Contents

Previous topic

endian.authentication package

Next topic

endian.authentication.providers package

Navigation

© Copyright 2014, Author. Documentation revision #, last updated on Mar 19, 2015.