Add (crude) support for SPNEGO in the web interface

svn path=/trunk/packages/invirt-web/; revision=1642

diff --git a/code/main.py b/code/main.py
index 551ed04..cf1424a 100755 (executable)
--- a/code/main.py
+++ b/code/main.py
@@ -652,7 +652,18 @@ def show_error(op, username, fields, err, emsg, traceback):
 
 def getUser(environ):
     """Return the current user based on the SSL environment variables"""
-    return environ.get('REMOTE_USER', None)
+    user = environ.get('REMOTE_USER')
+    if user is None:
+        return
+    
+    if environ.get('AUTH_TYPE') == 'Negotiate':
+        # Convert the krb5 principal into a krb4 username
+        if not user.endswith('@%s' % config.authn[0].realm):
+            return
+        else:
+            return user.split('@')[0].replace('/', '.')
+    else:
+        return user
 
 def handler(username, state, path, fields):
     operation, path = pathSplit(path)