The cause of the problem was that I had conflicting repoze.what libraries installed. So I removed repoze.* from site-packages, updated setup.py and setup.cfg from another newly quickstarted TG 2.2 project and ran it to install correct versions.
All this left me with question: *How do you update files coming from quickstart process like setup.py when you upgrade TG? By hand?* Other problem was that I misunderstood the role of ApplicationAuthMetadata - * it does not authenticate, only fetches the metadata after successful authentication is done*. Can you please add this to the documentation? It maybe is not clear on first reading and I was under impression I can modify the authentication there (for example, to allow case-insensitive logins). Regards and thanks for help! Juraj Dňa sobota, 13. októbra 2012 18:19:39 UTC+2 Alessandro Molina napísal(-a): > > If you had to make a change to TurboGears itself then there is > something wrong in the way authentication is configured for your > application. > > A working 2.2 authentication setup should look like: > > base_config.sa_auth.cookie_secret = "ChangeME" > base_config.auth_backend = 'sqlalchemy' > base_config.sa_auth.user_class = model.User > > from tg.configuration.auth import TGAuthMetadata > class ApplicationAuthMetadata(TGAuthMetadata): > [...] > > base_config.sa_auth.dbsession = model.DBSession > base_config.sa_auth.authmetadata = > ApplicationAuthMetadata(base_config.sa_auth) > base_config.sa_auth.form_plugin = None > base_config.sa_auth.charset = 'utf-8' > base_config.sa_auth.post_login_url = '/post_login' > base_config.sa_auth.post_logout_url = '/post_logout' > > Nothing else should be required and might actually cause issues as > everything that is available inside sa_auth property is passed to > repoze setup and can actually change the way your authentication is > configured. > > On Sat, Oct 13, 2012 at 12:51 PM, Juraj Variny > <[email protected]<javascript:>> > wrote: > > After some digging, I found out following: > > > > It is necessary to comment out following settings in app_cfg.py . They > were > > inherited from TG 2.1: > > > > #base_config.sa_auth.group_class = model.Group > > > > #base_config.sa_auth.permission_class = model.Permission > > > > and commenting out line 169 (starting with who_args['authenticators']) > in > > TurboGears2-2.2.0-py2.7.egg/tg/configuration/auth.py seems to fix the > > problem: > > > >> # If no identifiers are provided in repoze setup arguments > >> # then create a default one using AuthTktCookiePlugin. > >> if 'identifiers' not in who_args: > >> from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin > >> cookie = AuthTktCookiePlugin(cookie_secret, cookie_name, > >> timeout=cookie_timeout, > >> reissue_time=cookie_reissue_time) > >> who_args['identifiers'] = [('cookie', cookie)] > >> #who_args['authenticators'].insert(0, ('cookie', cookie)) > >> > >> # If no form plugin is provided then create a default > >> # one using the provided options. > > > > > > Can anyone please confirm this so that I'm not inadvertently crippling > > something? > > > > > > Juraj > > > > > > Dňa sobota, 13. októbra 2012 11:51:46 UTC+2 Juraj Variny napísal(-a): > >> > >> Hi, added straight-from-the-manual ApplicationAuthMetadata to my > >> app_cfg.py: > >> > >> > >>> #This tells to TurboGears how to retrieve the data for your user > >>> > >>> class ApplicationAuthMetadata(TGAuthMetadata): > >>> > >>> def __init__(self, sa_auth): > >>> > >>> self.sa_auth = sa_auth > >>> > >>> def get_user(self, identity, userid): > >>> > >>> return > >>> > self.sa_auth.dbsession.query(self.sa_auth.user_class).filter_by(user_name=userid).first() > > > >>> > >>> def get_groups(self, identity, userid): > >>> > >>> return [g.group_name for g in identity['user'].groups] > >>> > >>> def get_permissions(self, identity, userid): > >>> > >>> return [p.permission_name for p in identity['user'].permissions] > >>> > >>> > >>> base_config.sa_auth.authmetadata = > >>> ApplicationAuthMetadata(base_config.sa_auth) > >>> > >> > >> and immediately got exception below. If I comment out the > >> base_config.sa_auth.authmetadata setting, all works normally. > >> > >> TIA, > >> > >> Juraj > >> > >> > >>> -------------------- Restarting -------------------- > >>> Traceback (most recent call last): > >>> File "/home/juro/work/coinbr/tg2env/bin/paster", line 8, in <module> > >>> load_entry_point('PasteScript==1.7.5', 'console_scripts', > 'paster')() > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteScript-1.7.5-py2.7.egg/paste/script/command.py", > > > >>> line 104, in run > >>> invoke(command, command_name, options, args[1:]) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteScript-1.7.5-py2.7.egg/paste/script/command.py", > > > >>> line 143, in invoke > >>> exit_code = runner.run(args) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteScript-1.7.5-py2.7.egg/paste/script/command.py", > > > >>> line 238, in run > >>> result = self.command() > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteScript-1.7.5-py2.7.egg/paste/script/serve.py", > > > >>> line 284, in command > >>> relative_to=base, global_conf=vars) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteScript-1.7.5-py2.7.egg/paste/script/serve.py", > > > >>> line 321, in loadapp > >>> **kw) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteDeploy-1.5.0-py2.7.egg/paste/deploy/loadwsgi.py", > > > >>> line 247, in loadapp > >>> return loadobj(APP, uri, name=name, **kw) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteDeploy-1.5.0-py2.7.egg/paste/deploy/loadwsgi.py", > > > >>> line 272, in loadobj > >>> return context.create() > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteDeploy-1.5.0-py2.7.egg/paste/deploy/loadwsgi.py", > > > >>> line 710, in create > >>> return self.object_type.invoke(self) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteDeploy-1.5.0-py2.7.egg/paste/deploy/loadwsgi.py", > > > >>> line 146, in invoke > >>> return fix_call(context.object, context.global_conf, > >>> **context.local_conf) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteDeploy-1.5.0-py2.7.egg/paste/deploy/util.py", > > > >>> line 59, in fix_call > >>> reraise(*exc_info) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteDeploy-1.5.0-py2.7.egg/paste/deploy/compat.py", > > > >>> line 22, in reraise > >>> exec('raise t, e, tb', dict(t=t, e=e, tb=tb)) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/PasteDeploy-1.5.0-py2.7.egg/paste/deploy/util.py", > > > >>> line 56, in fix_call > >>> val = callable(*args, **kw) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/Coin-Broker/coinbr/config/middleware.py", > >>> line 35, in make_app > >>> app = make_base_app(global_conf, full_stack=True, **app_conf) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/TurboGears2-2.2.0-py2.7.egg/tg/configuration/app_config.py", > > > >>> line 962, in make_base_app > >>> app = self.add_auth_middleware(app, skip_authentication) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/TurboGears2-2.2.0-py2.7.egg/tg/configuration/app_config.py", > > > >>> line 721, in add_auth_middleware > >>> app = setup_auth(app, skip_authentication=skip_authentication, > >>> **auth_args) > >>> File > >>> > "/home/juro/work/coinbr/tg2env/lib/python2.7/site-packages/TurboGears2-2.2.0-py2.7.egg/tg/configuration/auth.py", > > > >>> line 229, in setup_auth > >>> return PluggableAuthenticationMiddleware(app, **who_args) > >>> TypeError: __init__() got an unexpected keyword argument > >>> 'permission_class' > >>> > >> > > -- > > You received this message because you are subscribed to the Google > Groups > > "TurboGears" group. > > To view this discussion on the web visit > > https://groups.google.com/d/msg/turbogears/-/73dmR4UrHo0J. > > > > To post to this group, send email to > > [email protected]<javascript:>. > > > To unsubscribe from this group, send email to > > [email protected] <javascript:>. > > For more options, visit this group at > > http://groups.google.com/group/turbogears?hl=en. > -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To view this discussion on the web visit https://groups.google.com/d/msg/turbogears/-/tN7Pxqphl1sJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/turbogears?hl=en.
