Hi there,
I don't know whether CAS (http://mdp.cti.depaul.edu/appliances/default/
show/22) is obsolete due to the more and more interest on T2, but I
still give it a try because it seems more "lightweight". So here I am
writing for sharing some bugfix and improvement to all.
Bugfix in verify() of applications/cas/controllers/cas.py:
session.user_id=r[0].id # BUG: session.cas_user_id=r[0].id
session.user_name=r[0].name # BUG: session.cas_user_name=r[0].name
session.user_email=r[0].email # BUG: session.cas_user_email=r
[0].email
The original typo causes a new user has a chance to obtain privilege
of the previous user who just used the same browser.
Improvement(actually just a reminding):
Nowadays most email servers requires authentication before you can
send an email. So in applications/cas/models/email.py, I suggest to
add corresponding settings.
EMAIL_USER="[EMAIL PROTECTED]"
EMAIL_PASS="blah"
then later:
server = smtplib.SMTP(EMAIL_SERVER)
server.login(EMAIL_USER,EMAIL_PASS) # Add this line
server.sendmail(fromaddr, toaddrs, msg)
Sincerely,
Iceberg, 2008-Nov-17, 12:36(PM), Mon
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
