Basic tacacs+ CTiT.

Aaron Tan
2017-03-28 13:18:09 -04:00
parent 84c6d41bd4
commit f2c99eeaf5
3 changed files with 81 additions and 2 deletions


@@ -313,6 +313,14 @@ RADIUS_SERVER = ''
RADIUS_PORT = 1812 RADIUS_PORT = 1812
RADIUS_SECRET = '' RADIUS_SECRET = ''
# TACACS+ settings (default host to empty string to skip using TACACS+ auth).
# Note: These settings may be overridden by database settings.
TACACSPLUS_HOST = ''
TACACSPLUS_PORT = 49
TACACSPLUS_SECRET = ''
TACACSPLUS_SESSION_TIMEOUT = 5
TACACSPLUS_AUTH_PROTOCOL = 'ascii'
# Seconds before auth tokens expire. # Seconds before auth tokens expire.
# Note: This setting may be overridden by database settings. # Note: This setting may be overridden by database settings.
AUTH_TOKEN_EXPIRATION = 1800 AUTH_TOKEN_EXPIRATION = 1800
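Review bot: The comment above the new TACACSPLUS_* defaults does not state the unit of `TACACSPLUS_SESSION_TIMEOUT`, the values `TACACSPLUS_AUTH_PROTOCOL` accepts, or that a shared secret is expected once a host is configured. I would extend it with `# TACACSPLUS_SESSION_TIMEOUT is in seconds; TACACSPLUS_AUTH_PROTOCOL is 'ascii' or 'pap'.` and `# Set TACACSPLUS_SECRET whenever TACACSPLUS_HOST is set.` The unit and the two protocol values come from the settings-registry section of this same commit.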


@@ -520,6 +520,72 @@ register(
encrypted=True, encrypted=True,
) )
###############################################################################
# TACACSPLUS AUTHENTICATION SETTINGS
###############################################################################
register(
'TACACSPLUS_HOST',
field_class=fields.CharField,
allow_blank=True,
default='',
label=_('TACACS+ Server'),
help_text=_('Hostname of TACACS+ server.'),
category=_('TACACSPLUS'),
category_slug='tacacsplus',
feature_required='enterprise_auth',
)
register(
'TACACSPLUS_PORT',
field_class=fields.IntegerField,
min_value=1,
max_value=65535,
default=49,
label=_('TACACS+ Port'),
help_text=_('Port number of TACACS+ server.'),
category=_('TACACSPLUS'),
category_slug='tacacsplus',
feature_required='enterprise_auth',
)
register(
'TACACSPLUS_SECRET',
field_class=fields.TACACSPLUSSecretField,
allow_blank=True,
default='',
label=_('TACACS+ Secret'),
help_text=_('Shared secret for authenticating to TACACS+ server.'),
category=_('TACACSPLUS'),
category_slug='tacacsplus',
feature_required='enterprise_auth',
encrypted=True,
)
register(
'TACACSPLUS_SESSION_TIMEOUT',
field_class=fields.IntegerField,
min_value=0,
default=5,
label=_('TACACS+ Auth Session Timeout'),
help_text=_('TACACS+ session timeout value in seconds. Set to 0 to cancel timeout.'),
category=_('TACACSPLUS'),
category_slug='tacacsplus',
feature_required='enterprise_auth',
)
register(
'TACACSPLUS_AUTH_PROTOCOL',
field_class=fields.ChoiceField,
choices=['ascii', 'pap'],
default='ascii',
label=_('TACACS+ Authentication Protocol'),
help_text=_('Choose the authentication protocol used by TACACS+ client.'),
category=_('TACACSPLUS'),
category_slug='tacacsplus',
feature_required='enterprise_auth',
)
############################################################################### ###############################################################################
# GOOGLE OAUTH2 AUTHENTICATION SETTINGS # GOOGLE OAUTH2 AUTHENTICATION SETTINGS
############################################################################### ###############################################################################
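Review bot: `TACACSPLUS_SESSION_TIMEOUT` is registered with `min_value=0`, help text saying 0 cancels the timeout, and no `max_value`, so an administrator can configure a login path that waits on the TACACS+ server with no bound. The authentication backend is not in the visible sections, so how the value is consumed is an assumption; if it goes straight to the client socket, a slow or unreachable server could hold request workers indefinitely. I would require a positive, bounded value, e.g. `min_value=1,` and `max_value=<MAX_TIMEOUT_SECONDS>,` (placeholder), and drop the "Set to 0 to cancel timeout." sentence from the help text. Separately, `TACACSPLUS_SECRET` has `allow_blank=True` with nothing tying it to `TACACSPLUS_HOST`; since both `ascii` and `pap` send the user's password to the server, the help text should say the secret is required when a host is set.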


@@ -470,6 +470,11 @@ class RADIUSSecretField(fields.CharField):
return value return value
class TACACSPLUSSecretField(RADIUSSecretField):
pass
class SocialMapStringRegexField(fields.CharField): class SocialMapStringRegexField(fields.CharField):
def to_representation(self, value): def to_representation(self, value):