[Zope3-Users] configure.zcml entries for using adapters.
I am struggler in learning zope3. Please forgive me if i am wrong. How about using an intermediate view component? in template1.pt div tal:content= view/vgetTotalDistance / In zcml browser:page class=.someModule.RoughView template = template1.pt . / where view class is : from adapters import CarTotalDistanceAdapter class RoughView: def __init__(self,context,request): self.context = context self.request = request self.adapt = CarTotalDistanceAdapter() def vgetTotalDistance(self): return self.adapt.getTotalDistance() ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] Executing utility specific code on server startup
On Saturday 22 October 2005 13:01, Chris Lehmann wrote: I have a utility that needs to start several threads when zope starts up. What is the best way to accomplish this? So far I have tried to use the IDatabaseOpenedWithRoot and IProcessStarting events but when I try and register them with the following code, my handlers do not get called. Code from the constructor of my utility class: zapi.getGlobalSiteManager().subscribe([IProcessStartingEvent],None, self.onStartup) What am I doing wrong? You need to make this registration using ZCML. Having this code in the utility constructor is far too late. subscriber for=...IProcessStartingEvent handler=...onStartup / Regards, Stephan -- Stephan Richter CBU Physics Chemistry (B.S.) / Tufts Physics (Ph.D. student) Web2k - Web Software Design, Development and Training ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] How is sending a HTTP POST in Zope3 supposed to work ?
On Thursday 27 October 2005 05:44, Michael Haubenwallner wrote: osting to the object itself equals a GET request. Posting to the @@edit.html view of the object results in a UserError: The character set specified in the content type ($charset) does not match file content. error, even with charset set in the request headers. How does your request look like? Note that we use POST in the edit form, so things should be fine. If this is not working for you, I would write a custom view maybe. Are there any functional tests existing for the HTTP POST method ? I doubt it, but it would be nice, if you could write one. Aside: how would i create a default view for a POST request for a certain object ? See the SchoolTool REST interface. It does all those type of things. The tinyu bit longer answer is: Develop a view class that implements a method called POST and then register this method as a view for IHTTPRequest. Regards, Stephan -- Stephan Richter CBU Physics Chemistry (B.S.) / Tufts Physics (Ph.D. student) Web2k - Web Software Design, Development and Training ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] at sea with basic setup
On Friday 04 November 2005 22:32, Ross Boylan wrote: I'd like to create some users, set authentication methods, and so on. After a lot of fooling around with the GUI and looking at various docs, I conclude I have no idea what's going on. Tim suggested reading the books and he is right. I'll note that the online version is outdated and has some issues that were resolved in the paper copy of my book. To complicate matters, there were some issue with my installation on Debian (using the package in testing) so that some of the products aren't available. I wonder if any of them are key to getting things going. SVN trunk. :-) Do I need to create something like a Zope 2 user folder? Yes, but it is called an authentication utility. Are all users defined in the principals file on disk? No. I tried installing a Site Manager object. The Site Management screen shows a lot of entries (e.g., Authenticator Plugin) that say there are no entries available yet. I installed some objects that seemed related, gave them names, and tried to hook them up with this screen. The only thing that seems to have worked is the unique id tool. As Tim also pointed out, read the zope.app.authentication *.txt files. Regards, Stephan -- Stephan Richter CBU Physics Chemistry (B.S.) / Tufts Physics (Ph.D. student) Web2k - Web Software Design, Development and Training ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] sqlos, sites and local utilities
On Tuesday 08 November 2005 05:38, Andreas Elvers wrote: Hi, sorry for asking it here but sqlos mailing list seems dead. Has anyone yet tried sqlos with database connections created as local utilities ? At one point sqlos tries to get the utility in connection.py Line 88. newconn = zapi.queryUtility(IZopeDatabaseAdapter, name, default=None, context=context) The context points to a sqlobject instance. The problem is that these instances seem to have no parent and thus will fail the lookup my local utility and will raise an 'NoneType' object is not callable error later in the code when trying to adapt. When you try the sqlos example everything is fine, since the database connection is defined in configure.zcml as a global utility. My current idea is to expose the enclosing folder as a context to query utility. But I don't know if setting references in sqlobject instances is such a great idea. If the sqlobject instance does not have a parent, then that's bad. It probably does not have a parent, because it is usually wrapped using a location proxy, which is lost inside a method. I think the smart thing to do here would be what you suggested or to write a subclass of sqlobject that implements ILocation. Regards, Stephan -- Stephan Richter CBU Physics Chemistry (B.S.) / Tufts Physics (Ph.D. student) Web2k - Web Software Design, Development and Training ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] configure.zcml entries for using adapters.
On Thursday 10 November 2005 19:55, John Smith wrote: I then created a nice page template which contains this snippet: div tal:content=python:context.getTotalDistance() / where context is the Car object. This is wrong, because Car does not have a function called getTotalDistance. In the view class do: class View: def getTotalDistance(self): total = interfaces.IDistanceTotal(self.context) return total.getTotalDistance() In the view do: div tal:content=view/getTotalDistance / Note that you should never ever put a python call into your template. Regards, Stephan -- Stephan Richter CBU Physics Chemistry (B.S.) / Tufts Physics (Ph.D. student) Web2k - Web Software Design, Development and Training ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] Complex Adapter Requirements - Named Adapters?
On Sunday 30 October 2005 14:16, James Allwyn wrote: One thought I had, was creating an interface IStandard, with attributes like meetsstandard and nameofstandard, and then subclass this, e.g. to IAccreditationScheme and INationalCode (where Accreditation Scheme and National Code are the names of two of the standards). But I get a little stuck conceptually at the point where I try to handle, for example, the fact that for some ISharedHouse objects, IAccreditationScheme would be suitable, whilst for others it wouldn't, because of their location. In fact it's likely that in the future we will need to recognise two or more standards for a particular accommodation type (so IAccreditationScheme and IHouseCheck chould both apply to ISharedHouse objects, in differect areas). This is not such a complex case as you think. If you register an adapter from ISharedHouse to IAccreditationScheme then it will be only available for this interface and not for IAccommodation in general. I would even write a specific IAccreditationScheme for every scheme you support; thus you do not even need named adapters. Regards, Stephan -- Stephan Richter CBU Physics Chemistry (B.S.) / Tufts Physics (Ph.D. student) Web2k - Web Software Design, Development and Training ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] Recommended policy for extension of the built-in skins and macros?
Hi All, I've managed to dip my toes rather deeply in Zope3 without ever approaching the skins/layers aspect of it. I'm finally in a position to do that, and most of the examples I find extend the Rotterdam skin, and simply override it's macros. Is this simply for convenience, as there is a lot of useful functionality provided by these macros? Or is there some grander reason for using the existing with simple customizations? The main thing I could think of was that by doing this, you will can generally ensure consistent macro naming across different sites, which I suppose is helpful. I'm a very minimalist guy as far as HTML goes, so my initial inclination is generally to start with with the simplest thing possible, and expand it when necessary. What are people's experiences with this (keeping in mind that I am likely misunderstanding some large part of the way skins and layers are supposed to work :) ? Thanks, Alec Munro ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] Re: Zope3 design question
rubberduckee wrote: We've once had the ability of editing schemas TTW, but I'm not sure if this is still the case. At least I don't think it's part of a release tarball of Zope 3. Philipp Thanks, will do that in the future. Do you know why this particular feature was 'dropped'? Well, something that hasn't been released in the first place can't be dropped. The problem is that it just hasn't been maintained lately because other things were the priority. This might change in the future and anyone's welcome to contribute. The current code is mostly at zope.app.schemacontent. Philipp ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] Re: apache as zope3's frontend and NTLM
Simon Hang wrote:
Dear all,
I'm trying to use apache as zope3's frontend, and do NTLM authentication
as well.
Well, traditionally it's been part of Zope's responsibility to do
credentials extraction and user authentication. That doesn't mean it
couldn't be done by the webserver in front of Zope; there might just be
other implications that you and I can't think of ;).
I've done:
1. Installed mod_ntlm for apache 1.3, and tested.
2. Create a VirtualHost for zope3 instance, forwarding http request
using rewrite engine. And tested.
Now I try to put things together = A virtualhost can do NTLM
authentication and forward request to zope3, my virtual configration of
apache as below:
VirtualHost *:808
DocumentRoot c:/myroot
Servername myserver
ErrorLog logs/myerror.log
CustomLog logs/myaccess.log common
RewriteEngine On
RewriteRule ^(/?.*)
http://localhost:8080/++vh++http:myserver:808/++$1 [P,L]
Location /
IfModule mod_ntlm.c
AuthName realm
AuthType NTLM
NTLMAuth On
NTLMAuthoritative On
NTLMDomain mydomain
NTLMOfferBasic Off
NTLMBasicPreferred Off
require valid-user
/IfModule
/Location
/VirtualHost
Everytime I try to access the page, the brower show me error message as
below:
Authorization Required
This server could not verify that you are authorized to access the
document requested. Either you supplied the wrong credentials (e.g., bad
password), or your browser doesn't understand how to supply the
credentials required.
What's wrong in my settings?
Well, Zope 3 doesn't care that Apache has authenticated your user. It
doesn't see that. If you want the Zope 3 security system to interact
with Apache's, here's a suggestion (not sure if it'll actually work):
- Have Apache forward the REMOTE_USER CGI env variable, e.g. by using
the E flag at the end of rewrite rule:
[P,L,E=REMOTE_USER:%{REMOTE_USER}]
- Have a custom ICredentialsPlugin that's simply looks at this env
variable in the request for the log-in credentials. To challenge the
user for authentication, it would simply use the same authentication
realm as set in the apache.conf, so that it gets picked up by Apache
when the user provides the credentials.
- Have a custom IAuthenticatorPlugin that uses the credential data of
the former plug-in to create a principal object from it. It wouldn't
really need to do any actual authentication because that had already
been done by Apache. The only thing this plug-in needs to do is convert
the credentials data into an actual principal object.
Hope that helps.
Philipp
___
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] Re: apache as zope3's frontend and NTLM
Philipp von Weitershausen wrote:
Simon Hang wrote:
Dear all,
I'm trying to use apache as zope3's frontend, and do NTLM authentication
as well.
Well, traditionally it's been part of Zope's responsibility to do
credentials extraction and user authentication. That doesn't mean it
couldn't be done by the webserver in front of Zope; there might just be
other implications that you and I can't think of ;).
I've done:
1. Installed mod_ntlm for apache 1.3, and tested.
2. Create a VirtualHost for zope3 instance, forwarding http request
using rewrite engine. And tested.
Now I try to put things together = A virtualhost can do NTLM
authentication and forward request to zope3, my virtual configration of
apache as below:
VirtualHost *:808
DocumentRoot c:/myroot
Servername myserver
ErrorLog logs/myerror.log
CustomLog logs/myaccess.log common
RewriteEngine On
RewriteRule ^(/?.*)
http://localhost:8080/++vh++http:myserver:808/++$1 [P,L]
Location /
IfModule mod_ntlm.c
AuthName realm
AuthType NTLM
NTLMAuth On
NTLMAuthoritative On
NTLMDomain mydomain
NTLMOfferBasic Off
NTLMBasicPreferred Off
require valid-user
/IfModule
/Location
/VirtualHost
Everytime I try to access the page, the brower show me error message as
below:
Authorization Required
This server could not verify that you are authorized to access the
document requested. Either you supplied the wrong credentials (e.g., bad
password), or your browser doesn't understand how to supply the
credentials required.
What's wrong in my settings?
Well, Zope 3 doesn't care that Apache has authenticated your user. It
doesn't see that. If you want the Zope 3 security system to interact
with Apache's, here's a suggestion (not sure if it'll actually work):
- Have Apache forward the REMOTE_USER CGI env variable, e.g. by using
the E flag at the end of rewrite rule:
[P,L,E=REMOTE_USER:%{REMOTE_USER}]
Will that really work? env variables are only useful in CGI mode, but
proxying doesn't involve CGI. Rather I'd advise using additional
parameters to the URL, like we do here for Zope 2 for instance:
http://svn.nuxeo.org/trac/pub/file/CMFNtlmSso/trunk/doc/vhost_sso.conf
- Have a custom ICredentialsPlugin that's simply looks at this env
variable in the request for the log-in credentials. To challenge the
user for authentication, it would simply use the same authentication
realm as set in the apache.conf, so that it gets picked up by Apache
when the user provides the credentials.
And this plugin would have to get the credentials from the URL instead
of the env variable. I wish apache had a proper way to add request
headers during proxying...
Florent
- Have a custom IAuthenticatorPlugin that uses the credential data of
the former plug-in to create a principal object from it. It wouldn't
really need to do any actual authentication because that had already
been done by Apache. The only thing this plug-in needs to do is convert
the credentials data into an actual principal object.
Hope that helps.
Philipp
--
Florent Guillaume, Nuxeo (Paris, France) Director of RD
+33 1 40 33 71 59 http://nuxeo.com [EMAIL PROTECTED]
___
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] Re: apache as zope3's frontend and NTLM
Florent Guillaume wrote:
Well, Zope 3 doesn't care that Apache has authenticated your user. It
doesn't see that. If you want the Zope 3 security system to interact
with Apache's, here's a suggestion (not sure if it'll actually work):
- Have Apache forward the REMOTE_USER CGI env variable, e.g. by using
the E flag at the end of rewrite rule:
[P,L,E=REMOTE_USER:%{REMOTE_USER}]
Will that really work? env variables are only useful in CGI mode, but
proxying doesn't involve CGI. Rather I'd advise using additional
parameters to the URL, like we do here for Zope 2 for instance:
http://svn.nuxeo.org/trac/pub/file/CMFNtlmSso/trunk/doc/vhost_sso.conf
Ah, yes. I thought of this initially but found the env way to be
cleaner, simply assuming that mod_rewrite would pass the current env
along on the proxy request. It seems it doesn't.
Good example config, by the way.
- Have a custom ICredentialsPlugin that's simply looks at this env
variable in the request for the log-in credentials. To challenge the
user for authentication, it would simply use the same authentication
realm as set in the apache.conf, so that it gets picked up by Apache
when the user provides the credentials.
And this plugin would have to get the credentials from the URL instead
of the env variable. I wish apache had a proper way to add request
headers during proxying...
Yup and yup.
Philipp
___
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] Re: apache as zope3's frontend and NTLM
Simon Hang wrote: Thanks for the help. I feel not comfortable to put the username in URL. User may be able to bypass the authentication and direct access zope with username in URL. True, it's not the nicest solution. But you could make it safer by first stripping the according request variable from the QUERY_STRING. mod_rewrite is quite powerful in that respect. Now the only solution I found is only working in Apache2 not 1.3. I can use mod_header. requestheader can add http header to request before mod_rewrite pass it to zope. I can put REMOTE_USER in http header and zope will be able to pick it up. User will still be able to bypass the check if they can use special web browser which can add http header. But at least with standard IE Firefox, this method will be safe. Here you could strip any REMOTE_USER header or request variable from the incoming request so that the REMOTE_USER that Zope sees is always the one set by Apache, or none (even if the browser client tried to supply its own one). But I'm still using Apache 1.3. Above solution can't apply. :( Too bad, Apache 2.0 is quite nice. Philipp ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
