Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

modularize client authentication handlers #1796

Closed
totaam opened this issue Mar 31, 2018 · 3 comments
Closed

modularize client authentication handlers #1796

totaam opened this issue Mar 31, 2018 · 3 comments

Comments

@totaam
Copy link
Collaborator

totaam commented Mar 31, 2018
edited
Loading

The same way this was done for the server modules. The modules can then be configured more easily using the challenge-handlers string.
Making it easier to test and to implement new ones (ie: "exec" handler which calls an external binary)
We can also define a clearer interface so modules can claim a particular challenge mode, or be used as fallback.
@totaam
Copy link
Collaborator Author

totaam commented Feb 26, 2019
edited
Loading

See also #1861

@totaam
Copy link
Collaborator Author

totaam commented May 14, 2019
edited
Loading

At the moment, the process_challenge_uri comes first and is only used once: we clear the password value after use to give the other authentication handlers a chance to run. (details and examples in #1691#comment:8)

The other handlers behave differently... for some this doesn't matter too much (ie: prompt), but for others this prevents other modules from being tried (ie: file, env, etc)

@totaam
Copy link
Collaborator Author

totaam commented May 15, 2019
edited
Loading

Done in r22711 + r22713 + r22714 + r22715.

All the authentication handlers now live in xpra.client.auth.*.
Each instance can be configured separately, and the same handler type can be used more than once.

Examples:

  • authenticate using "env" module twice:
PASSWORD1=foo PASSWORD2=bar \
    xpra attach tcp://192.168.1.7:10000 \
    -d auth \
    --challenge-handlers=env:name=PASSWORD1 \
    --challenge-handlers=env:name=PASSWORD2
  • use a password file (--password-file command line argument is deprecated)
xpra attach tcp://192.168.1.7:10000 -d auth \
    --challenge-handlers=file,filename=pass.txt

@totaam totaam closed this as completed May 15, 2019
This was referenced Jan 22, 2021
Closed
Closed
Closed
totaam added a commit that referenced this issue Aug 29, 2022
@totaam
#1796 make the 'all' list of challenge handlers configurable
0da0d6f
@totaam totaam mentioned this issue Mar 15, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@totaam