Wichert Akkerman wrote:
> Hi Stefan,
>
> Previously Stefan H. Holek wrote:
>> Log message for revision 97359:
>> User masquerading. Adapted from a patch against PAS 1.0.4.
>>
>> Logging in as AUTHUSER/ROLEUSER (e.g. 'admin/jdoe') authenticates
>> against AUTHUSER but returns ROLEUSER. As a security precaution,
>> AUTHUSER must have the Manager role. Note: AUTHUSER and ROLEUSER
>> must live in the same user folder.
>
> What happens if someone has a / in his login name? How do you plan to
> deal with differing login and usernames?
>
> Is there a reason this is not doable with plugins?

I agree: this is *exactly* the sort of thing which should be in a
plugin. In particular, such a plugin should be configured to select
which other IAuthentication plugins it would search, which would remove
the requirement to splice the code directly into the PAS framework code.

Tres.
-- 
===================================================================
Tres Seaver          +1 540-429-0999          tsea...@palladion.com
Palladion Software   "Excellence by Design"    http://palladion.com

_______________________________________________
Zope-PAS mailing list
Zope-PAS@zope.org
http://mail.zope.org/mailman/listinfo/zope-pas
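
The AUTHUSER/ROLEUSER login from the quoted log message, together with the "/" in a login name case raised in the reply, as an added Python sketch that is not part of this thread and is not PAS code. The user table, `resolve_login`, the exact-match-first rule and the assumption that login name equals user id are all hypothetical.

```python
import hmac

# Constructed sample user folder: login name -> (password, roles). Not PAS data.
USERS = {
    "admin": ("s3cret", {"Manager"}),
    "jdoe": ("hunter2", {"Member"}),
    "ops/jdoe": ("pw", {"Member"}),   # a login name that itself contains "/"
    "editor": ("pw2", {"Editor"}),
}


class LoginRejected(Exception):
    pass


def check_password(login, password):
    entry = USERS.get(login)
    return entry is not None and hmac.compare_digest(entry[0], password)


def resolve_login(login, password):
    """Return the user id the session should act as.

    Hypothetical policy (an assumption, not PAS behaviour):
    1. An exact login-name match always wins, so 'ops/jdoe' stays an
       ordinary user and is never parsed as a masquerade request.
    2. Otherwise split on the first '/' into AUTHUSER/ROLEUSER.
    3. AUTHUSER must authenticate and hold Manager; ROLEUSER must exist
       in the same user folder.
    """
    if login in USERS:
        if check_password(login, password):
            return login
        raise LoginRejected("bad credentials")
    auth_user, sep, role_user = login.partition("/")
    if not sep or not auth_user or not role_user:
        raise LoginRejected("bad credentials")
    if not check_password(auth_user, password):
        raise LoginRejected("bad credentials")
    if "Manager" not in USERS[auth_user][1]:
        raise LoginRejected("masquerading requires Manager")
    if role_user not in USERS:
        raise LoginRejected("unknown target user")
    return role_user
```

Splitting on the first "/" is still ambiguous if AUTHUSER's own login name can contain a slash; the sketch does not try to resolve that case.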