Okay, I think I got this working finally. Gustavo, thanks a ton for putting me on the right path. We needed to run through the debugger a few times to see what we were missing but you're example was very very close to what we needed. For the benefit of the group, here's what now appears to be working:
in file <myapp.config.repoze_cfg.py>, the eventual version I ended up with was this: http://pastebin.com/wQ9BnBcQ in my app_cfg.py file, I ended up with this: http://pastebin.com/j4CSWG5V The key difference between what I originally had and now was the section in the app_cfg that now says: base_config.sa_auth.identifiers = [('mynametoregisteras',FLASH_AUTHN_PLUGIN)] base_config.sa_auth.challengers = [('mynametoregisteras',FLASH_AUTHN_PLUGIN)] and not: base_config.sa_auth.identifiers = [FLASH_AUTHN_PLUGIN] base_config.sa_auth.challengers = [FLASH_AUTHN_PLUGIN] On May 4, 8:22 am, robneville73 <[email protected]> wrote: > Oh, one more thing, you're original post said to do: > base_config.sa_auth.request_classifier = my_custom_classifier > > but that complained that request_classifier wasn't an attribute of > sa_auth. Upon inspection, it looked like the right value instead was: > base_config.sa_auth.classifier = my_custom_classifier > > I thought I would include that for completeness in case someone else > finds this thread later with the same issue... > > On May 4, 8:13 am, robneville73 <[email protected]> wrote: > > > > > > > Gustavo, I finally got back to this but I'm having some trouble that > > perhaps you could shed some light on? > > > So, this is what I've done as per your instructions: > > > in file <myapp.config.repoze_cfg.py>: > > from repoze.who.classifiers import default_request_classifier > > from repoze.who.interfaces import IChallenger, IIdentifier > > from repoze.who.plugins.basicauth import BasicAuthPlugin > > > def api_identifier(environ): > > if environ.get('myapp.flex_detected',False): #<-- I have WSGI > > middleware defined that is setting that flag. > > return "api" > > return default_request_classifier(environ) > > > API_AUTH_PLUGIN = BasicAuthPlugin('myapp') > > > API_AUTH_PLUGIN.classifications = { > > IIdentifier: ["api"], > > IChallenger: ["api"], > > > } > > > in file <myapp.config.app_cfg.py>: > > from myapp.config.repoze_cfg import api_identifier, API_AUTH_PLUGIN > > ... > > #enable authentication via http Basic Auth > > base_config.sa_auth.classifier = api_identifier > > base_config.sa_auth.identifiers = [API_AUTH_PLUGIN.classifications] > > #<-- trouble here... > > base_config.sa_auth.challengers = [API_AUTH_PLUGIN.classifications] > > #<-- trouble here... > > > At first, I tried setting base_config.sa_auth.identifiers as you had > > outlined below with: > > > base_config.sa_auth.identifiers = [API_AUTH_PLUGIN] > > > but upon starting up TG, I would get: > > > "TypeError: 'BasicAuthPlugin' object is not iterable" > > > which was failing at repoze.who.middleware.py in the make_registries > > function. So, I then tried changing it as I've outlined above thinking > > that's what the "for name, value in supplied" loop was actually > > looking for...when I do that, I now get the following exception > > thrown.... > > > repoze/who/middleware.py", line 416, in make_registries > > raise ValueError(str(name) + ': ' + why) > > ValueError: <InterfaceClass repoze.who.interfaces.IIdentifier>: An > > object has failed to implement interface <InterfaceClass > > repoze.who.interfaces.IIdentifier> > > > The identify attribute was not provided. > > > When I looked at repoze.who.interfaces at the IIdentifier interface, > > it looked to me like you might need to specify an identify, remember > > and forget function for it to pass this test. Am I on the right track? > > If so, I'm not clear on what I'm supposed to be doing in those > > functions. > > > In your example, you marked the section that said: > > API_AUTH_PLUGIN.classifications = { > > IIdentifier: ["api"], > > IChallenger: ["api"],} > > > as optional. Why is that optional? The reason I ask is that if I > > comment out like this: > > > base_config.sa_auth.classifier = api_identifier > > #base_config.sa_auth.identifiers = [API_AUTH_PLUGIN.classifications] > > #base_config.sa_auth.challengers = [API_AUTH_PLUGIN.classifications] > > > then the application starts up with no errors, but I'm not sure that > > I'm going to get the desired effect or if I'm missing something vital > > by doing that. Can you elaborate on what the > > API_AUTH_PLUGIN.classifications is trying to accomplish or point me to > > relevant documentation? > > > Thanks! > > > On Apr 29, 4:54 pm, Gustavo Narea <[email protected]> wrote: > > > > Hello, Robert! > > > > On 29/04/10 03:32, Robert Neville wrote: > > > > > base_config.sa_auth.request_classifier = my_custom_classifier > > > > base_config.sa_auth.identifiers = [FLASH_AUTHN_PLUGIN] > > > > base_config.sa_auth.challengers = [FLASH_AUTHN_PLUGIN] > > > > > Am I not overwriting the default behavior that way? How does repoze > > > > know that requests classified as "flash" use one challenger and should > > > > otherwise use something else? Since it looks like identifiers is an > > > > array, doesn't there need to be an entry for the default set of > > > > identifiers and challengers or are those baked in somehow, i.e. > > > > something like: > > > > base_config.sa_auth.challengers = [FLASH_AUTHN_PLUGIN, > > > > DEFAULT_THINGGY] > > > > or something like that? > > > > TG2 uses repoze.what-quickstart [1], which is a plugin that sets up > > > repoze.who and repoze.what in one go. It configures the repoze.who > > > FriendlyFormPlugin [2] as the first challenger and first identifier, so > > > there's no need to add it explicitly in TG2. Then, any identifiers or > > > challengers set in app_cfg.py will be appended. > > > > FriendlyFormPlugin advertises itself as a browser-specific plugin, so > > > you don't have to say that it's a plugin for browsers. > > > > That way, you're not changing anything in the default behavior. You're > > > just adding support for Flash clients. People using browsers won't > > > notice any difference. > > > > HTH, > > > > [1]http://code.gustavonarea.net/repoze.what-quickstart/ > > > [2]http://code.gustavonarea.net/repoze.who-friendlyform/ > > > > -- > > > Gustavo Narea <xri://=Gustavo>. > > > > -- > > > You received this message because you are subscribed to the Google Groups > > > "TurboGears" group. > > > To post to this group, send email to [email protected]. > > > To unsubscribe from this group, send email to > > > [email protected]. > > > For more options, visit this group > > > athttp://groups.google.com/group/turbogears?hl=en. > > > -- > > You received this message because you are subscribed to the Google Groups > > "TurboGears" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group > > athttp://groups.google.com/group/turbogears?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "TurboGears" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group > athttp://groups.google.com/group/turbogears?hl=en. -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/turbogears?hl=en.
