Override TACTIC Authentication

To override the authentication module, fill in the authenticate_class value in the security XML in your Tactic config file to point to your own custom authentication class.

<security>
    <user_table>login</user_table>
    <group_table>user_group</group_table>
    <security_table>security</security_table>
    <ticket_expiry>10 hour</ticket_expiry>
    <authenticate_class/>
    <auto_create_user>false</auto_create_user>
    <api_require_password>true</api_require_password>
    <api_password>poof</api_password>
</security>

The authentication class should resemble the example below:

class TacticAuthenticate(Authenticate):
    '''Authenticate using the TACTIC database'''
    def authenticate(my, login, password):
        # encrypt and check the password
        encrypted = md5.new(password).hexdigest()
        if encrypted != login.get_value("password"):
            raise SecurityException("Login/Password combination incorrect")
        return True

To auto create users which do not exist in the TACTIC database when authentication is successful, modify the following line in the XML:

auto_create_user = "true"

As a part of this process, you can also add other information retrieved from the active directory by overriding the add_user_info function as part of your custom authentication class:

class Authenticate(object):
    def authenticate(my, login, password):
        # This function must be override and must return True to authenticate
        raise SecurityException("Must override authenticate method")
 
    def add_user_info(my, user):
        ''' sets all the information about the user'''
        user.set_value("first_name", user.get_value("login") )
        user.set_value("last_name", "")
        user.set_value("email", "")

 

System-Admin