Re: [Zope] Pluggable Auth Service ... how is it used?
On 7 Jul 2005, at 06:41, Richard Jones wrote: I'd like to get session-based login going, and on the surface PAS appears to support that. First up, is there any documentation? I've set up in my PAS "acl_users" the following objects: 1. "cookies" - a Cookie Auth Helper active for Challenge 2. "session" - a Session Auth Helper active for Extraction, Update Credentials and Reset Credentials 3. "users" - a ZODB User Manager with a single user "test" 4. "roles" - a ZODB Role Manager with the "test" user assigned to "Manager" Then accessing a "Manager" protected method inside the folder brings up the login form from the Cookie Auth Helper, but submitting that form does nothing (it returns the empty form to me). Add "Extraction" to the cookie object. Only the cookie object would know how to extract credentials coming back from the cookie object's challenge. Makes sense, doesn't it? I have described such a setup before either here or on the PAS list itself, take a look at the archives. The very first challenge and extraction is done by the cookie auth helper, and the credentials are then stored by the session auth helper which is doing all extractions after that. jens ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Pluggable Auth Service ... how is it used?
I'd like to get session-based login going, and on the surface PAS appears to support that. First up, is there any documentation? I've set up in my PAS "acl_users" the following objects: 1. "cookies" - a Cookie Auth Helper active for Challenge 2. "session" - a Session Auth Helper active for Extraction, Update Credentials and Reset Credentials 3. "users" - a ZODB User Manager with a single user "test" 4. "roles" - a ZODB Role Manager with the "test" user assigned to "Manager" Then accessing a "Manager" protected method inside the folder brings up the login form from the Cookie Auth Helper, but submitting that form does nothing (it returns the empty form to me). Switching the "cookies" object to handle Extraction, Update Credentials and Reset Credentials makes the login work, but I'd like to use the session. The docs that come with the product talk about Decorators and Property Sheets used to extend the user properties, but I can't even find anything with either of those names in the UI. The interface has "Scriptable Plugin" with a teasingly disabled "Validation" interface -- which I have found to mean user validation. I'd like to enforce valid email address capture ... when I can figure how to actually capture an email address, that is. Richard pgpLHwu0A4IJ4.pgp Description: PGP signature ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )