Re: [Zope-dev] Re: [Zope] authenticating over XML-RPC to implement the Blogger API
Yes, I think this is the right thing to do. Override identify and pull the "username" and "password" elements out of the form elements in REQUEST. Or at least that sounds good. ;-) - Original Message - From: "Nathan Sain" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, February 05, 2002 11:35 AM Subject: [Zope-dev] Re: [Zope] authenticating over XML-RPC to implement the Blogger API > > I don't think basic auth is going to cut it. The API wants username > > and password to be passed as arguments. Probably need to hack a user > > folder implementation. > Chris, > Sorry for not listing this as an option in my previous mail, I meant that > I had two options forusing existing user folders, but my brain was not working correctly after > my 1 hour commuteto work :). I looked at AccessControl/User.py and it looks like one > could modify theidentify function to grab the username,password from the arguments. Do > most user foldersget this function through a subclassing? > -- > > Nathan Sain > Deer High School IT Dept. > P.O. Box 56 > Deer, AR 72628 > (870)428-5433 > > > > ___ > Zope-Dev maillist - [EMAIL PROTECTED] > http://lists.zope.org/mailman/listinfo/zope-dev > ** No cross posts or HTML encoding! ** > (Related lists - > http://lists.zope.org/mailman/listinfo/zope-announce > http://lists.zope.org/mailman/listinfo/zope ) > ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: [Zope] authenticating over XML-RPC to implement the Blogger API
> I don't think basic auth is going to cut it. The API wants username > and password to be passed as arguments. Probably need to hack a user > folder implementation. Chris, Sorry for not listing this as an option in my previous mail, I meant that I had two options forusing existing user folders, but my brain was not working correctly after my 1 hour commuteto work :). I looked at AccessControl/User.py and it looks like one could modify theidentify function to grab the username,password from the arguments. Do most user foldersget this function through a subclassing? -- Nathan Sain Deer High School IT Dept. P.O. Box 56 Deer, AR 72628 (870)428-5433 ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: [Zope] authenticating over XML-RPC to implement the Blogger API
My thoughts as well. As far as I can tell here are my options: I look at the CookieCrumbler last night, and wondered if I can use the BeforeTraversehook that it uses. ZPublisher calls request.processInputs() before traversal right? If thatis so then request should have the args from the XML-RPC message by the time BeforeTraverse kicks in. If the username,password pair is prefixed with 'zid' and 'zpw' orsome other recognizable prefix I think BeforeTraverse can pick out the username,password from request.args and do the auth magic right? It may be possible to hijack the SecurityManager with a external method, but thisseems dangerous. Any other ideas? > I don't think basic auth is going to cut it. The API wants username > and password to be passed as arguments. Probably need to hack a user > folder implementation. > > - Original Message - > From: "Andy" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> Sent: Sunday, February 03, 2002 10:33 PM > Subject: Re: [Zope] authenticating over XML-RPC to implement the > Blogger API > > > ZSyncer does user authentication over xmlrpc via > xmlrpclibBasicAuth.py, download it and take a look. > >> - Original Message - >> From: "Nathan Sain" <[EMAIL PROTECTED]> >> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> >> Sent: Monday, February 04, 2002 9:19 AM >> Subject: [Zope] authenticating over XML-RPC to implement the Blogger >> API >> >> -- Nathan Sain Deer High School IT Dept. P.O. Box 56 Deer, AR 72628 (870)428-5433 ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: [Zope] authenticating over XML-RPC to implement the Blogger API
I don't think basic auth is going to cut it. The API wants username and password to be passed as arguments. Probably need to hack a user folder implementation. - Original Message - From: "Andy" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Sunday, February 03, 2002 10:33 PM Subject: Re: [Zope] authenticating over XML-RPC to implement the Blogger API > ZSyncer does user authentication over xmlrpc via xmlrpclibBasicAuth.py, > download it and take a look. > > - Original Message - > From: "Nathan Sain" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Monday, February 04, 2002 9:19 AM > Subject: [Zope] authenticating over XML-RPC to implement the Blogger API > > > > Hello Everyone, > > I've got a problem and was wondering if anyone on this list my have some > > insight as to howto solve it. I want to implement a the Blogger XML-RPC > API to allow users > > to add content toa Zope site (the API is here > http://plant.blogger.com/api/index.html). It > > requires that theusername and password be sent as parameters in each > function call. is it > > possible to hookinto Zopes authentication scheme via a external method or > python script? > > I've also noticedthat it could be possible to grab the username and > password from the > > XML-RPC call whenZPublisher calls request.processInputs(), but I don't > know how Zope > > authenticates the userthis may be to late in the process to try and fudge > with the request > > object. Has anyone elsedone user authentication via parameters? > > > > Any help would be appreciated > > -- > > > > Nathan Sain > > > > > > > > > > ___ > > Zope maillist - [EMAIL PROTECTED] > > http://lists.zope.org/mailman/listinfo/zope > > ** No cross posts or HTML encoding! ** > > (Related lists - > > http://lists.zope.org/mailman/listinfo/zope-announce > > http://lists.zope.org/mailman/listinfo/zope-dev ) > > > > > > ___ > Zope maillist - [EMAIL PROTECTED] > http://lists.zope.org/mailman/listinfo/zope > ** No cross posts or HTML encoding! ** > (Related lists - > http://lists.zope.org/mailman/listinfo/zope-announce > http://lists.zope.org/mailman/listinfo/zope-dev ) > ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: [Zope] authenticating over XML-RPC to implement the Blogger API
ZSyncer does user authentication over xmlrpc via xmlrpclibBasicAuth.py, download it and take a look. - Original Message - From: "Nathan Sain" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, February 04, 2002 9:19 AM Subject: [Zope] authenticating over XML-RPC to implement the Blogger API > Hello Everyone, > I've got a problem and was wondering if anyone on this list my have some > insight as to howto solve it. I want to implement a the Blogger XML-RPC API to allow users > to add content toa Zope site (the API is here http://plant.blogger.com/api/index.html). It > requires that theusername and password be sent as parameters in each function call. is it > possible to hookinto Zopes authentication scheme via a external method or python script? > I've also noticedthat it could be possible to grab the username and password from the > XML-RPC call whenZPublisher calls request.processInputs(), but I don't know how Zope > authenticates the userthis may be to late in the process to try and fudge with the request > object. Has anyone elsedone user authentication via parameters? > > Any help would be appreciated > -- > > Nathan Sain > > > > > ___ > Zope maillist - [EMAIL PROTECTED] > http://lists.zope.org/mailman/listinfo/zope > ** No cross posts or HTML encoding! ** > (Related lists - > http://lists.zope.org/mailman/listinfo/zope-announce > http://lists.zope.org/mailman/listinfo/zope-dev ) > ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
