X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/bf27ca1d371e1bb6b49c7e7d47438985e1399d24..82e153ac0aa4f3697db9d799a42fee4fcc198826:/code/main.py

diff --git a/code/main.py b/code/main.py
index 452a285..15647b9 100755
--- a/code/main.py
+++ b/code/main.py
@@ -36,12 +36,13 @@ import templates
 from Cheetah.Template import Template
 import validation
 import cache_acls
-from webcommon import InvalidInput, CodeError, State
+from webcommon import State
 import controls
 from getafsgroups import getAfsGroupMembers
 from invirt import database
 from invirt.database import Machine, CDROM, session, connect, MachineAccess, Type, Autoinstall
 from invirt.config import structs as config
+from invirt.common import InvalidInput, CodeError
 
 def pathSplit(path):
     if path.startswith('/'):
@@ -245,7 +246,7 @@ def vnc(username, state, path, fields):
     """
     machine = validation.Validate(username, state, machine_id=fields.getfirst('machine_id')).machine
 
-    token = controls.remctl('control', machine.name, 'vnctoken')
+    token = controls.vnctoken(machine)
     host = controls.listHost(machine)
     if host:
         port = 10003 + [h.hostname for h in config.hosts].index(host)
@@ -387,7 +388,6 @@ def modifyDict(username, state, fields):
 
         session.save_or_update(machine)
         if update_acl:
-            print >> sys.stderr, machine, machine.administrator
             cache_acls.refreshMachine(machine)
         session.commit()
     except:
@@ -429,8 +429,8 @@ def helpHandler(username, state, path, fields):
     help_mapping = {'ParaVM Console': """
 ParaVM machines do not support local console access over VNC.  To
 access the serial console of these machines, you can SSH with Kerberos
-to console.%s, using the name of the machine as your
-username.""" % config.dns.domains[0],
+to %s, using the name of the machine as your
+username.""" % config.console.hostname,
                     'HVM/ParaVM': """
 HVM machines use the virtualization features of the processor, while
 ParaVM machines use Xen's emulation of virtualization features.  You
@@ -651,7 +651,18 @@ def show_error(op, username, fields, err, emsg, traceback):
 
 def getUser(environ):
     """Return the current user based on the SSL environment variables"""
-    return environ.get('REMOTE_USER', None)
+    user = environ.get('REMOTE_USER')
+    if user is None:
+        return
+    
+    if environ.get('AUTH_TYPE') == 'Negotiate':
+        # Convert the krb5 principal into a krb4 username
+        if not user.endswith('@%s' % config.authn[0].realm):
+            return
+        else:
+            return user.split('@')[0].replace('/', '.')
+    else:
+        return user
 
 def handler(username, state, path, fields):
     operation, path = pathSplit(path)