+ self.trusted_cert_list = TrustedRoots(self.config.get_trustedroots_dir()).get_list()
+ self.trusted_cert_file_list = TrustedRoots(self.config.get_trustedroots_dir()).get_file_list()
+
+
+
+ def checkCredentials(self, creds, operation, hrn = None):
+ valid = []
+ if not isinstance(creds, list):
+ creds = [creds]
+ logger.debug("Auth.checkCredentials with %d creds"%len(creds))
+ for cred in creds:
+ try:
+ self.check(cred, operation, hrn)
+ valid.append(cred)
+ except:
+ cred_obj=Credential(string=cred)
+ logger.debug("failed to validate credential - dump=%s"%cred_obj.dump_string(dump_parents=True))
+ error = sys.exc_info()[:2]
+ continue
+
+ if not len(valid):
+ raise InsufficientRights('Access denied: %s -- %s' % (error[0],error[1]))
+
+ return valid
+