Thanks Mariano, Would you mind sharing auth.py or specially, the code for OpenIdAuthenticator() OpenIdMetadata()
Thanks Oliver On Sep 10, 2:51 pm, Mariano Mara <[email protected]> wrote: > Excerpts from Oliver's message of Fri Sep 10 15:35:42 -0300 2010: > > > > > > > hi, > > > I am using repoze.who.plugins.openid with following configurations: > > > [plugin:openid] > > use = repoze.who.plugins.openid:make_identification_plugin > > store = file > > store_file_path = %(here)s/sstore > > openid_field = openid > > came_from_field = came_from > > error_field = error > > session_name = beaker.session > > login_form_url = /account/openid_login > > > My understanding is if a controller needs authentication (by putting > > not_anonymous() predicate before action or controller), the middleware > > will try to redirect to login form specified by /account/openid_login. > > > However, this doesn't seem to have any effect, for whatever reason, it > > insists on directing to /account/login, any idea? > > > TIA > > > Oliver > > You need to configure repoze.who through repoze.what in order to use > repoze what protectors like not_anonymous. Besides that, remember that > the standard openid plugin has only a dummy authenticator plugin that > does nothing and you might need to extend it to make it talk with your > database or whatever. > > In my case instead of using who.ini for configuring the plugin I did all > in middleware.py. Find below my configuration (repdotcom is the name of > my pylons project, everything else is standard repoze what/who). > Feel free to ask any clarification you need to understand the code. > > from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin > from repoze.who.plugins.openid.identification import > OpenIdIdentificationPlugin > from repdotcom.lib.auth import OpenIdMetadata, OpenIdAuthenticator > from repoze.who.classifiers import default_request_classifier > from repoze.who.plugins.openid.classifiers import openid_challenge_decider > from repoze.what.middleware import setup_auth > > from repdotcom.config.environment import load_environment > > def make_app(global_conf, full_stack=True, static_files=True, **app_conf): > > ... some code here ... > > # CUSTOM MIDDLEWARE HERE (filtered by error handling middlewares) > > openid = OpenIdIdentificationPlugin( > store='file', > openid_field='openid', > session_name='pylons.session', > login_handler_path='/openid_login_handler', > logout_handler_path='/logout_handler', > login_form_url='/login', > error_field='error', > logged_in_url='/welcome_back', > logged_out_url='/see_you_later', > came_from_field='came_from', > store_file_path=app_conf['cache_dir']+'/sstore', > rememberer_name='auth_tkt', > attr_ex='openid.ax.required=email > openid.ax.type.email=http://axschema.org/contact/email') > auth_tkt = AuthTktCookiePlugin(secret='xxxxxxxxxx', secure=True, > timeout=86400, reissue_time=3600) > authenticator = OpenIdAuthenticator() > openidmd = OpenIdMetadata() > app = setup_auth(app, None, None, > identifiers=[('openid', openid), > ('auth_tkt', auth_tkt)], > authenticators=[('authenticator', authenticator)], > challengers=[('openid', openid)], > mdproviders=[('mdproviders', openidmd)], > classifier=default_request_classifier, > challenge_decider=openid_challenge_decider, > log_stream=app_conf['who.log_file'], > log_level=app_conf['who.log_level']) -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
