Shadow Daemon is a web application firewall that intercepts requests at the application level. This repository contains a component of Shadow Daemon to connect Python applications with the shadowd server.
For the full documentation please refer to shadowd.zecure.org.
You can install the package with easy_install or pip:
easy_install shadowd pip install shadowd
It is also possible to clone this repository and install the package manually:
python setup.py install
You also have to create a configuration file. You can copy misc/examples/connectors.ini to /etc/shadowd/connectors.ini. The example configuration is annotated and should be self-explanatory.
To protect CGI applications you simply have to load the module:
import shadowd.cgi_connector
Django applications require a small modification. It is necessary to create a hook to intercept requests. To do this create the file middleware/shadowdconnector.py in the application directory:
from shadowd.django_connector import InputDjango, OutputDjango, Connector
def shadowdconnector(get_response):
def middleware(request):
input = InputDjango(request)
output = OutputDjango()
status = Connector().start(input, output)
if not status == True:
return status
return get_response(request)
return middleware
There also has to be an empty __init__.py file in the middleware directory. Next you have to register the middleware in the settings.py file of your application:
MIDDLEWARE_CLASSES = (
'middleware.shadowdconnector.shadowdconnector',
# ...
)
The connector should be at the beginning of the MIDDLEWARE_CLASSES list.
Flask applications require a small modification as well. It is necessary to create a hook to intercept requests:
from shadowd.flask_connector import InputFlask, OutputFlask, Connector
@app.before_request
def before_req():
input = InputFlask(request)
output = OutputFlask()
Connector().start(input, output)