On Oct 31, 2007, at 7:37 AM, oscar tackstrom wrote:
> > Hi, > > I'm developing a combined chat-bot/question answering system and plan > to use xml-rpc with pylons to serve web clients. Since other parts of > the project are already implemented in pylons (administration and > database connections), I would rather not switch to Twisted for this. > > The server needs to maintain a state for each authenticated session, > and all communication should be secure. Is there a simple way to use > standard authentication and session management (AuthKit?) together > with xml-rpc in pylons? (I'm assuming you've seen the Pylons XMLRPCController: http://wiki.pylonshq.com/display/pylonsdocs/Using+the+XMLRPCController ) It depends on how you want to handle authentication. It's possible to use sessions/authentication the same way you would with a Controller subclassing BaseController. Though in my experience, most xml-rpc clients don't handle cookies, and in turn most xml-rpc APIs providing authentication don't do so via cookies (Beaker sessions are keyed to the client via a cookie). Commonly what they do instead is return a string token from an authenticate method to be used in all subsequent calls requiring authentication: token = botServer.login(username, password) users = botServer.getUsers(token, '#pylons') And this API is easy for simple xml-rpc clients to use. Though it looks like Beaker's SessionMiddleware is tailored to only loading Sessions via cookies, I think (correct me if I'm wrong Mike or Ben). You could make a middleware that fakes the cookie Beaker looks for from the token, or write your own SessionMiddleware that handled it. > > Sorry if I'm ignorant and the solution should be obvious, I'm > completely new to Pylons and haven't found any information on how to > combine xml-rpc with authenticated session management in the docs. > > Best, > Oscar Täckström > > > > -- Philip Jenvey --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
