Forwarding to sugar-devel, as the original mail bounced, as I was not subscribed to the mailing list.<br>Now I am :-)<br><br>Regards,<br>Ajay<br><br><div class="gmail_quote">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">Ajay Garg</b> <span dir="ltr"><<a href="mailto:ajay@activitycentral.com">ajay@activitycentral.com</a>></span><br>
Date: Thu, Dec 8, 2011 at 8:22 PM<br>Subject: Re: [PATCH sucrose-0.94][RFC] Add capability to connect to WPA/WPA2-Enterprise networks<br>To: Anish Mangal <<a href="mailto:anish@activitycentral.org">anish@activitycentral.org</a>><br>
Cc: sugar-devel <<a href="mailto:sugar-devel@lists.sugarlabs.org">sugar-devel@lists.sugarlabs.org</a>>, Dextrose Mailing List <<a href="mailto:dextrose@lists.sugarlabs.org">dextrose@lists.sugarlabs.org</a>>, Sascha Silbe <<a href="mailto:silbe@activitycentral.com">silbe@activitycentral.com</a>><br>
<br><br>Hi all.<br><br>The TLS-based authentication is working, if the settings are entered via nm-applet, but it's not working via python (bindings).<br>Please find the details below, wherein the details are mentioned in the mail-conversation with Jirka (a red-hat guy).<br>

<br>The crux is that, if the NetworkManager expects a setting (of type "802-1x" here), it gives an error, with error code "2" in /var/log/messages.<br>Inspite of me entering a key_value_dict['client-cert'] entry by manual hardcoding, it gives the same error (error code "2").<br>

<br>(Also note that I have tried both <b>key_value_dict['client-cert'] = 'some_value'</b>, as well as <b>key_value_dict['client_cert'] = 'some_value'</b>. But I always, consistently get the error code "2" (and not may be "1", that indicates a wrong, but a NON-EMPTY value nevertheless). )<br>

<br><b><br>Could anyone help?<br>Or may be guide me as to how to go about looking into the python-bindings for networkmanager?</b><br><br><br><br><br><br><br><u>Here is the mail conversation ::</u><br><br>=======================================================================================================<br>

If I do set a not-empty, but invalid value for 'eap', like "key_value_dict['802-1x']['eap'] = ['atls']", I do get the error code "1" (and not "2").<br><br>I may repeat, that setting a NON-EMPTY (correct or incorrect) value for "key_value_dict['802-1x']['client-cert']" gives the error code "2", irrespective.<br>


<br>Regards,<br><font color="#888888">Ajay</font><div><span>- Hide quoted text -</span></div><br><br>On Thu, Dec 8, 2011 at 12:56 PM, Ajay Garg <span dir="ltr"><<a href="mailto:ajaygargnsit@gmail.com" target="_blank">ajaygargnsit@gmail.com</a>></span> wrote:<br>


1. I started afresh, removing all properties.<br><br><br>2. I tried to activate the connection (without any '802-1x' setting), I got the following error ::<br><br>   <b> Dec  8 12:46:09 ajay NetworkManager[1455]: <warn> invalid connection Auto MTNL (665294166e053bc37a0f05c96f79aa7c7ff0b0cd):  <br>



    'NMSetting8021x' / 'eap' invalid: 2</b><br><br>    Expected.<br><br>3. I set "key_value_dict['802-1x]['eap'] = ['tls']", and again activated the connection.<br>    The above error vanished.<br>



 <br>    But I got ::<br><br> <b>   Dec  8 12:46:09 ajay NetworkManager[1455]: <warn> invalid connection Auto MTNL (665294166e053bc37a0f05c96f79aa7c7ff0b0cd): <br><div>    'NMSetting8021x' / 'client-cert' invalid: 2</div>


</b><br>
<br>     Expected.<br><br><br>4. I also set "key_value_dict['802-1x']['client-cert'] = 'some_bull_shit'", and again activated the connection.<br>    I (again) got the error ::<br><br>   <b> Dec  8 12:46:09 ajay NetworkManager[1455]: <warn> invalid connection Auto MTNL (665294166e053bc37a0f05c96f79aa7c7ff0b0cd): <br>


<div>
    'NMSetting8021x' / 'client-cert' invalid: 2</div></b><br><br>    Not expected (the setting value may be wrong, but the setting is there. So, error code should be "1" I guess (and not "2").<br>



<br><br>Hmm.<br>What could be done, Jirka? :-|<br><br>Regards,<br><font color="#888888">Ajay</font><br>=======================================================================================================<br><br><br><br>

Regards,<br><font color="#888888">Ajay</font><div><div></div><div class="h5"><br><br><br><br><div class="gmail_quote">On Fri, Dec 2, 2011 at 3:40 PM, Anish Mangal <span dir="ltr"><<a href="mailto:anish@activitycentral.org" target="_blank">anish@activitycentral.org</a>></span> wrote:<br>


<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">From: Ajay Garg <<a href="mailto:ajay@sugarlabs.org" target="_blank">ajay@sugarlabs.org</a>><br>


<br>
As per user-workflow, there is no difference :-<br>
---------------------------------------------------------------<br>
<br>
1a. The (WPA/WPA2-Enterprise) network-icon is available on the<br>
neighbourhood-view.<br>
1b. Upon clicking the network-icon, a popup dialog appears, asking for<br>
    parameters.<br>
1c. Upon clicking ok, the connection is made (shown by the<br>
    'Network-Connected'-icon in the tray).<br>
<br>
2. If the connection is made successfully, the network-profile is saved<br>
   in "connections.cfg". From next reboot onwards, the connection is made<br>
    automatically.<br>
<br>
Configurations :-<br>
------------------------<br>
<br>
Following configurations have been tested to work :<br>
1. Tunnelled TLS (TTLS)<br>
2. Protected EAP (PEAP)<br>
<br>
Following configurations are still to be tested :<br>
1. LEAP (seems that it requires support from the access-point).<br>
2. TLS  (the testing couldn't be done, even with nm-applet. Would<br>
   like to hear if anyone gets it working with nm-applet, since the<br>
   sugar-parameters-UI is modelled on nm-applet-UI.)<br>
<br>
The patch contains the UI-frontend code for entering all 4<br>
configuration parameters (modelled on nm-applet's "Connect<br>
to Hidden Wireless Network" -> "WPA/WPA2 Enterprise".<br>
<br>
Signed-off-by: Ajay Garg <<a href="mailto:ajay@activitycentral.com" target="_blank">ajay@activitycentral.com</a>><br>
Tested-by: Anish Mangal <<a href="mailto:anish@activitycentral.com" target="_blank">anish@activitycentral.com</a>><br>
---<br>
 src/jarabe/desktop/keydialog.py    |  174 +++++++++++++++++++++++++-<br>
 src/jarabe/desktop/networkviews.py |  248 +++++++++++++++++++++++++++++++++++-<br>
 src/jarabe/model/network.py        |   22 +++-<br>
 3 files changed, 437 insertions(+), 7 deletions(-)<br>
<br>
diff --git a/src/jarabe/desktop/keydialog.py b/src/jarabe/desktop/keydialog.py<br>
index c72f498..9a1675c 100644<br>
--- a/src/jarabe/desktop/keydialog.py<br>
+++ b/src/jarabe/desktop/keydialog.py<br>
@@ -32,6 +32,10 @@ WEP_PASSPHRASE = 1<br>
 WEP_HEX = 2<br>
 WEP_ASCII = 3<br>
<br>
+SETTING_TYPE_STRING = 1<br>
+SETTING_TYPE_LIST = 2<br>
+<br>
+<br>
<br>
 def string_is_hex(key):<br>
     is_hex = True<br>
@@ -120,6 +124,158 @@ class KeyDialog(gtk.Dialog):<br>
         return self._response<br>
<br>
<br>
+# Plain Old Python Object (POPO)<br>
+class NetworkParametersPOPO(gtk.HBox):<br>
+    def __init__(self, auth_param):<br>
+        gtk.HBox.__init__(self, homogeneous=True)<br>
+        self._key = auth_param._key_name<br>
+        self._label = gtk.Label(_(auth_param._key_label))<br>
+        self._key_type = auth_param._key_type<br>
+<br>
+        # Decide, if we need to show a 'entry',<br>
+        # or a 'list-store'<br>
+        if len(auth_param._options) == 0:<br>
+            self._show_entry = True<br>
+        else:<br>
+            self._show_entry = False<br>
+<br>
+        self.pack_start(self._label)<br>
+        self._label.show()<br>
+<br>
+        if self._show_entry:<br>
+            self._entry = gtk.Entry()<br>
+            self.pack_start(self._entry)<br>
+            self._entry.show()<br>
+        else:<br>
+            self._option_store = gtk.ListStore(str, str)<br>
+            for option in auth_param._options:<br>
+                self._option_store.append(option)<br>
+<br>
+            self._list_store_entry = auth_param._options[0][1]<br>
+            self._option_combo = gtk.ComboBox(self._option_store)<br>
+            cell = gtk.CellRendererText()<br>
+            self._option_combo.pack_start(cell, True)<br>
+            self._option_combo.add_attribute(cell, 'text', 0)<br>
+            self._option_combo.set_active(0)<br>
+            self._option_combo.connect('changed',<br>
+                    self._option_combo_changed_cb)<br>
+            self.pack_start(self._option_combo)<br>
+            self.show()<br>
+            self._option_combo.show()<br>
+<br>
+    def _option_combo_changed_cb(self, widget):<br>
+        it = self._option_combo.get_active_iter()<br>
+        (value, ) = self._option_store.get(it, 1)<br>
+        self._list_store_entry = value<br>
+<br>
+    def _get_key(self):<br>
+        return self._key<br>
+<br>
+    def _get_value(self):<br>
+        if self._show_entry:<br>
+            return self._entry.get_text()<br>
+        else:<br>
+            return self._list_store_entry<br>
+<br>
+<br>
+class KeyValuesDialog(gtk.Dialog):<br>
+    def __init__(self, auth_lists, final_callback, uuid, settings):<br>
+        gtk.Dialog.__init__(self, flags=gtk.DIALOG_MODAL)<br>
+        self.set_title(_('Wireless Parameters required'))<br>
+<br>
+        self._auth_lists = auth_lists<br>
+        self._final_callback = final_callback<br>
+        self._uuid = uuid<br>
+        self._settings = settings<br>
+<br>
+        label = gtk.Label(_("Please enter parameters\n"))<br>
+        self.vbox.pack_start(label)<br>
+<br>
+        self._auth_type_store = gtk.ListStore(str, str)<br>
+        for auth_list in self._auth_lists:<br>
+            self._auth_type_store.append([auth_list._auth_label,<br>
+                                          auth_list._auth_type])<br>
+<br>
+        self._auth_type_combo = gtk.ComboBox(self._auth_type_store)<br>
+        cell = gtk.CellRendererText()<br>
+        self._auth_type_combo.pack_start(cell, True)<br>
+        self._auth_type_combo.add_attribute(cell, 'text', 0)<br>
+        self._auth_type_combo.set_active(0)<br>
+        self._auth_type_combo.connect('changed',<br>
+                self._auth_type_combo_changed_cb)<br>
+        self._auth_type_box = gtk.HBox(homogeneous=True)<br>
+        self._auth_label = gtk.Label(_('Authentication'))<br>
+        self._auth_type_box.pack_start(self._auth_label, expand=False)<br>
+        self._auth_type_box.pack_start(self._auth_type_combo,<br>
+                                       expand=False)<br>
+        self.vbox.pack_start(self._auth_type_box)<br>
+        self._auth_label.show()<br>
+        self._auth_type_combo.show()<br>
+<br>
+        self.add_buttons(gtk.STOCK_OK, gtk.RESPONSE_OK)<br>
+        self.set_default_response(gtk.RESPONSE_OK)<br>
+        self.set_has_separator(True)<br>
+<br>
+        self.connect('response', self._fetch_values)<br>
+<br>
+        auth_type = self._auth_lists[0]._auth_type<br>
+        self._selected_auth_list = self._select_auth_list(auth_type)<br>
+        self._add_key_value('eap', auth_type)<br>
+        self._add_container_box()<br>
+<br>
+    def _auth_type_combo_changed_cb(self, widget):<br>
+        it = self._auth_type_combo.get_active_iter()<br>
+        (auth_type, ) = self._auth_type_store.get(it, 1)<br>
+        self._selected_auth_list = self._select_auth_list(auth_type)<br>
+        self._add_key_value('eap', auth_type)<br>
+        self._reset()<br>
+<br>
+    def _select_auth_list(self, auth_type):<br>
+        for auth_list in self._auth_lists:<br>
+            if auth_list._params_list[0]._options[0][1] == auth_type:<br>
+                return auth_list<br>
+<br>
+    def _populate_auth_params(self, auth_list):<br>
+        for auth_param in auth_list._params_list[1:]:<br>
+            obj = NetworkParametersPOPO(auth_param)<br>
+            self._key_values_box.pack_start(obj)<br>
+            obj.show()<br>
+<br>
+    def _reset(self):<br>
+        self.vbox.remove(self._key_values_box)<br>
+        self._add_container_box()<br>
+<br>
+    def _add_container_box(self):<br>
+        self._key_values_box = gtk.VBox()<br>
+        self.vbox.pack_start(self._key_values_box)<br>
+        self._key_values_box.show()<br>
+        self._populate_auth_params(self._selected_auth_list)<br>
+<br>
+    def _remove_all_params(self):<br>
+        self._key_values_box.remove_all()<br>
+<br>
+    def _fetch_values(self, key_dialog, response_id):<br>
+        if response_id == gtk.RESPONSE_OK:<br>
+            for child in self._key_values_box.get_children():<br>
+                key = child._get_key()<br>
+                value = child._get_value()<br>
+                self._add_key_value(key, value)<br>
+<br>
+            key_dialog.destroy()<br>
+            self._final_callback(self._uuid, self._settings,<br>
+                                 self._selected_auth_list)<br>
+<br>
+    def _add_key_value(self, key, value):<br>
+        for auth_param in self._selected_auth_list._params_list:<br>
+            if auth_param._key_name == key:<br>
+                if auth_param._key_type == SETTING_TYPE_STRING:<br>
+                    auth_param._value = value<br>
+                elif auth_param._key_type == SETTING_TYPE_LIST:<br>
+                    values = []<br>
+                    values.append(value)<br>
+                    auth_param._value = values<br>
+<br>
+<br>
 class WEPKeyDialog(KeyDialog):<br>
     def __init__(self, ssid, flags, wpa_flags, rsn_flags, dev_caps, settings,<br>
                  response):<br>
@@ -218,7 +374,7 @@ class WEPKeyDialog(KeyDialog):<br>
         self.set_response_sensitive(gtk.RESPONSE_OK, valid)<br>
<br>
<br>
-class WPAKeyDialog(KeyDialog):<br>
+class WPAPersonalKeyDialog(KeyDialog):<br>
     def __init__(self, ssid, flags, wpa_flags, rsn_flags, dev_caps, settings,<br>
                  response):<br>
         KeyDialog.__init__(self, ssid, flags, wpa_flags, rsn_flags,<br>
@@ -296,14 +452,26 @@ def create(ssid, flags, wpa_flags, rsn_flags, dev_caps, settings, response):<br>
             rsn_flags == network.NM_802_11_AP_SEC_NONE:<br>
         key_dialog = WEPKeyDialog(ssid, flags, wpa_flags, rsn_flags,<br>
                                   dev_caps, settings, response)<br>
-    else:<br>
-        key_dialog = WPAKeyDialog(ssid, flags, wpa_flags, rsn_flags,<br>
+    elif (wpa_flags & network.NM_802_11_AP_SEC_KEY_MGMT_PSK) or \<br>
+            (rsn_flags & network.NM_802_11_AP_SEC_KEY_MGMT_PSK):<br>
+        key_dialog = WPAPersonalKeyDialog(ssid, flags, wpa_flags, rsn_flags,<br>
                                   dev_caps, settings, response)<br>
+    elif (wpa_flags & network.NM_802_11_AP_SEC_KEY_MGMT_802_1X) or \<br>
+            (rsn_flags & network.NM_802_11_AP_SEC_KEY_MGMT_802_1X):<br>
+        # nothing. All details are asked for WPA/WPA2-Enterprise<br>
+        # networks, before the conneection-activation is done.<br>
+        pass<br>
<br>
     key_dialog.connect('response', _key_dialog_response_cb)<br>
     key_dialog.show_all()<br>
<br>
<br>
+def get_key_values(key_list, final_callback, uuid, settings):<br>
+    key_dialog = KeyValuesDialog(key_list, final_callback,<br>
+                                 uuid, settings)<br>
+    key_dialog.show_all()<br>
+<br>
+<br>
 def _key_dialog_response_cb(key_dialog, response_id):<br>
     response = key_dialog.get_response_object()<br>
     secrets = None<br>
diff --git a/src/jarabe/desktop/networkviews.py b/src/jarabe/desktop/networkviews.py<br>
index 2fb8593..738a142 100644<br>
--- a/src/jarabe/desktop/networkviews.py<br>
+++ b/src/jarabe/desktop/networkviews.py<br>
@@ -22,6 +22,7 @@ import hashlib<br>
<br>
 import dbus<br>
 import glib<br>
+import string<br>
<br>
 from sugar.graphics.icon import Icon<br>
 from sugar.graphics.xocolor import XoColor<br>
@@ -56,6 +57,189 @@ _OLPC_MESH_ICON_NAME = 'network-mesh'<br>
<br>
 _FILTERED_ALPHA = 0.33<br>
<br>
+SETTING_TYPE_STRING = 1<br>
+SETTING_TYPE_LIST = 2<br>
+<br>
+<br>
+class AuthenticationType:<br>
+    def __init__(self, auth_label, auth_type, params_list):<br>
+        self._auth_label = auth_label<br>
+        self._auth_type = auth_type<br>
+        self._params_list = params_list<br>
+<br>
+<br>
+class AuthenticationParameter:<br>
+    def __init__(self, key_name, key_label, key_type,<br>
+                       options):<br>
+        self._key_name = key_name<br>
+        self._key_label = key_label<br>
+        self._key_type = key_type<br>
+        self._options = options<br>
+        self._value = None<br>
+<br>
+AUTHENTICATION_LIST = \<br>
+        [<br>
+                AuthenticationType('TLS',<br>
+                                   'tls',<br>
+                                          [<br>
+                                                AuthenticationParameter(<br>
+                                                  'eap',<br>
+                                                  'Authentication',<br>
+                                                  SETTING_TYPE_LIST,<br>
+                                                  [['TLS', 'tls']]<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'identity',<br>
+                                                  'Identity',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'client_cert',<br>
+                                                  'User certificate',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'ca_cert',<br>
+                                                  'CA certificate',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'private_key',<br>
+                                                  'Private key',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'private_key_password',<br>
+                                                  'Private Key password',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  )<br>
+                                           ]<br>
+                                 ),<br>
+                AuthenticationType('LEAP',<br>
+                                   'leap',<br>
+                                          [<br>
+                                                AuthenticationParameter(<br>
+                                                  'eap',<br>
+                                                  'Authentication',<br>
+                                                  SETTING_TYPE_LIST,<br>
+                                                  [['LEAP', 'leap']]<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'identity',<br>
+                                                  'Username',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'password',<br>
+                                                  'Password',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  )<br>
+                                           ]<br>
+                                 ),<br>
+                AuthenticationType('Tunnelled TLS',<br>
+                                   'ttls',<br>
+                                          [<br>
+                                                AuthenticationParameter(<br>
+                                                  'eap',<br>
+                                                  'Authentication',<br>
+                                                  SETTING_TYPE_LIST,<br>
+                                                  [['Tunnelled TLS', 'ttls']]<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'anonymous_identity',<br>
+                                                  'Anonymous identity',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'ca_cert',<br>
+                                                  'CA certificate',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'phase2_auth',<br>
+                                                  'Inner Authentication',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  [['PAP', 'pap'],<br>
+                                                   ['MSCHAP', 'mschap'],<br>
+                                                   ['MSCHAPv2', 'mschapv2'],<br>
+                                                   ['CHAP', 'chap']]<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'identity',<br>
+                                                  'Username',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'password',<br>
+                                                  'Password',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  )<br>
+                                           ]<br>
+                                 ),<br>
+                AuthenticationType('Protected EAP (PEAP)',<br>
+                                   'peap',<br>
+                                          [<br>
+                                                AuthenticationParameter(<br>
+                                                  'eap',<br>
+                                                  'Authentication',<br>
+                                                  SETTING_TYPE_LIST,<br>
+                                                  [['Protected EAP (PEAP)', 'peap']]<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'anonymous_identity',<br>
+                                                  'Anonymous identity',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'ca_cert',<br>
+                                                  'CA certificate',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'peap_version',<br>
+                                                  'PEAP version',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  [['Automatic', ''],<br>
+                                                   ['Version 0', '0'],<br>
+                                                   ['Version 1', '1']]<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'phase2_auth',<br>
+                                                  'Inner Authentication',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  [['MSCHAPv2', 'mschapv2'],<br>
+                                                   ['MD5', 'md5'],<br>
+                                                   ['GTC', 'gtc']]<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'identity',<br>
+                                                  'Username',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  ),<br>
+                                                AuthenticationParameter(<br>
+                                                  'password',<br>
+                                                  'Password',<br>
+                                                  SETTING_TYPE_STRING,<br>
+                                                  []<br>
+                                                  )<br>
+                                           ]<br>
+                                 )<br>
+        ]<br>
+<br>
<br>
 class WirelessNetworkView(CanvasPulsingIcon):<br>
     def __init__(self, initial_ap):<br>
@@ -340,6 +524,62 @@ class WirelessNetworkView(CanvasPulsingIcon):<br>
             wireless_security.group = group<br>
             return wireless_security<br>
<br>
+        if (self._rsn_flags & network.NM_802_11_AP_SEC_KEY_MGMT_802_1X) and \<br>
+                (self._device_caps & network.NM_802_11_DEVICE_CAP_RSN):<br>
+            # WPA2 Enterprise<br>
+            pairwise = self._add_ciphers_from_flags(self._rsn_flags, True)<br>
+            group = self._add_ciphers_from_flags(self._rsn_flags, False)<br>
+            wireless_security = WirelessSecurity()<br>
+            wireless_security.key_mgmt = 'wpa-eap'<br>
+            wireless_security.proto = 'rsn'<br>
+            wireless_security.pairwise = pairwise<br>
+            wireless_security.group = group<br>
+            return wireless_security<br>
+<br>
+        if (self._wpa_flags & network.NM_802_11_AP_SEC_KEY_MGMT_802_1X) and \<br>
+                (self._device_caps & network.NM_802_11_DEVICE_CAP_WPA):<br>
+            # WPA Enterprise<br>
+            pairwise = self._add_ciphers_from_flags(self._wpa_flags, True)<br>
+            group = self._add_ciphers_from_flags(self._wpa_flags, False)<br>
+            wireless_security = WirelessSecurity()<br>
+            wireless_security.key_mgmt = 'wpa-eap'<br>
+            wireless_security.proto = 'wpa'<br>
+            wireless_security.pairwise = pairwise<br>
+            wireless_security.group = group<br>
+            return wireless_security<br>
+<br>
+    def _enter_additional_settings_and_secrets_and_then_activate(self,<br>
+            uuid, settings, wireless_security):<br>
+        # this is valid, only for "ieee8021x" or "wpa-eap" key<br>
+        # management.<br>
+        if (wireless_security.key_mgmt == 'ieee8021x') or \<br>
+                (wireless_security.key_mgmt == 'wpa-eap'):<br>
+            keydialog.get_key_values(AUTHENTICATION_LIST,<br>
+                                     self.__add_and_activate_connection,<br>
+                                     uuid, settings)<br>
+        else:<br>
+            self.__add_and_activate_connection(uuid, settings)<br>
+<br>
+    def __add_and_activate_connection(self, uuid, settings,<br>
+                                      additional_settings=None):<br>
+<br>
+        if additional_settings is not None:<br>
+            key_value_dict = {}<br>
+            auth_params_list = additional_settings._params_list<br>
+<br>
+            for auth_param in auth_params_list:<br>
+                key = auth_param._key_name<br>
+                value = auth_param._value<br>
+                print 'key == ' + key<br>
+                print 'value == '<br>
+                print value<br>
+                key_value_dict[key] = value<br>
+<br>
+            settings.wpa_eap_setting = key_value_dict<br>
+<br>
+        connection = network.add_connection(uuid, settings)<br>
+        self._activate_connection(connection)<br>
+<br>
     def __connect_activate_cb(self, icon):<br>
         self._connect()<br>
<br>
@@ -350,8 +590,10 @@ class WirelessNetworkView(CanvasPulsingIcon):<br>
         connection = network.find_connection_by_ssid(self._name)<br>
         if connection is None:<br>
             settings = Settings()<br>
+            self._settings = settings<br>
             <a href="http://settings.connection.id" target="_blank">settings.connection.id</a> = 'Auto ' + self._name<br>
             uuid = settings.connection.uuid = unique_id()<br>
+            self._uuid = uuid<br>
             settings.connection.type = '802-11-wireless'<br>
             settings.wireless.ssid = self._name<br>
<br>
@@ -370,8 +612,12 @@ class WirelessNetworkView(CanvasPulsingIcon):<br>
             if wireless_security is not None:<br>
                 settings.wireless.security = '802-11-wireless-security'<br>
<br>
-            connection = network.add_connection(uuid, settings)<br>
+            self._enter_additional_settings_and_secrets_and_then_activate(uuid,<br>
+                    settings, wireless_security)<br>
+        else:<br>
+            self._activate_connection(connection)<br>
<br>
+    def _activate_connection(self, connection):<br>
         obj = self._bus.get_object(_NM_SERVICE, _NM_PATH)<br>
         netmgr = dbus.Interface(obj, _NM_IFACE)<br>
<br>
diff --git a/src/jarabe/model/network.py b/src/jarabe/model/network.py<br>
index f265ae4..2f8295e 100644<br>
--- a/src/jarabe/model/network.py<br>
+++ b/src/jarabe/model/network.py<br>
@@ -418,6 +418,7 @@ class Settings(object):<br>
         self.connection = Connection()<br>
         self.ip4_config = None<br>
         self.wireless_security = None<br>
+        self.wpa_eap_setting = None<br>
<br>
         if wireless_cfg is not None:<br>
             self.wireless = wireless_cfg<br>
@@ -433,6 +434,10 @@ class Settings(object):<br>
                 self.wireless_security.get_dict()<br>
         if self.ip4_config is not None:<br>
             settings['ipv4'] = self.ip4_config.get_dict()<br>
+        if self.wpa_eap_setting is not None:<br>
+            settings['802-1x'] = self.wpa_eap_setting<br>
+<br>
+<br>
         return settings<br>
<br>
<br>
@@ -653,6 +658,9 @@ class NMSettingsConnection(dbus.service.Object):<br>
                 if self._settings.wireless.security is not None:<br>
                     config.set(identifier, 'security',<br>
                                self._settings.wireless.security)<br>
+                if self._settings.wpa_eap_setting is not None:<br>
+                    config.set(identifier, 'wpa_eap_setting',<br>
+                               self._settings.wpa_eap_setting)<br>
             if self._secrets is not None:<br>
                 if self._settings.wireless_security.key_mgmt == 'none':<br>
                     config.set(identifier, 'key', self._secrets.wep_key)<br>
@@ -895,13 +903,21 @@ def load_wifi_connections():<br>
                 settings.wireless_security.key_mgmt = mgmt<br>
                 security = config.get(section, 'security')<br>
                 settings.wireless.security = security<br>
-                key = config.get(section, 'key')<br>
                 if mgmt == 'none':<br>
+                    key = config.get(section, 'key')<br>
                     secrets.wep_key = key<br>
                     auth_alg = config.get(section, 'auth-alg')<br>
                     secrets.auth_alg = auth_alg<br>
-                elif mgmt == 'wpa-psk':<br>
-                    secrets.psk = key<br>
+                elif (mgmt == 'wpa-psk') or (mgmt == 'wpa-eap'):<br>
+                    if mgmt == 'wpa-psk':<br>
+                        key = config.get(section, 'key')<br>
+                        secrets.psk = key<br>
+                    elif mgmt == 'wpa-eap':<br>
+                        if config.has_option(section,<br>
+                                             'wpa_eap_setting'):<br>
+                            value = eval(config.get(section,<br>
+                                               'wpa_eap_setting'))<br>
+                            settings.wpa_eap_setting = value<br>
                     if config.has_option(section, 'proto'):<br>
                         value = config.get(section, 'proto')<br>
                         settings.wireless_security.proto = value<br>
<font color="#888888">--<br>
1.7.4.4<br>
<br>
</font></blockquote></div><br>
</div></div></div><br>