[Zope-dev] Re: [Zope] authenticating over XML-RPC to implement the Blogger API
> I don't think basic auth is going to cut it. The API wants username > and password to be passed as arguments. Probably need to hack a user > folder implementation. Chris, Sorry for not listing this as an option in my previous mail, I meant that I had two options forusing existing user folders, but my brain was not working correctly after my 1 hour commuteto work :). I looked at AccessControl/User.py and it looks like one could modify theidentify function to grab the username,password from the arguments. Do most user foldersget this function through a subclassing? -- Nathan Sain Deer High School IT Dept. P.O. Box 56 Deer, AR 72628 (870)428-5433 ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: [Zope] authenticating over XML-RPC to implement the Blogger API
My thoughts as well. As far as I can tell here are my options: I look at the CookieCrumbler last night, and wondered if I can use the BeforeTraversehook that it uses. ZPublisher calls request.processInputs() before traversal right? If thatis so then request should have the args from the XML-RPC message by the time BeforeTraverse kicks in. If the username,password pair is prefixed with 'zid' and 'zpw' orsome other recognizable prefix I think BeforeTraverse can pick out the username,password from request.args and do the auth magic right? It may be possible to hijack the SecurityManager with a external method, but thisseems dangerous. Any other ideas? > I don't think basic auth is going to cut it. The API wants username > and password to be passed as arguments. Probably need to hack a user > folder implementation. > > - Original Message - > From: "Andy" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> Sent: Sunday, February 03, 2002 10:33 PM > Subject: Re: [Zope] authenticating over XML-RPC to implement the > Blogger API > > > ZSyncer does user authentication over xmlrpc via > xmlrpclibBasicAuth.py, download it and take a look. > >> - Original Message - >> From: "Nathan Sain" <[EMAIL PROTECTED]> >> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> >> Sent: Monday, February 04, 2002 9:19 AM >> Subject: [Zope] authenticating over XML-RPC to implement the Blogger >> API >> >> -- Nathan Sain Deer High School IT Dept. P.O. Box 56 Deer, AR 72628 (870)428-5433 ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] authenticating over XML-RPC to implement the Blogger API
Hello Everyone, I've got a problem and was wondering if anyone on this list my have some insight as to howto solve it. I want to implement a the Blogger XML-RPC API to allow users to add content toa Zope site (the API is here http://plant.blogger.com/api/index.html). It requires that theusername and password be sent as parameters in each function call. is it possible to hookinto Zopes authentication scheme via a external method or python script? I've also noticedthat it could be possible to grab the username and password from the XML-RPC call whenZPublisher calls request.processInputs(), but I don't know how Zope authenticates the userthis may be to late in the process to try and fudge with the request object. Has anyone elsedone user authentication via parameters? Any help would be appreciated -- Nathan Sain ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )