I have a PAS configuration with two user sources (Kerberos and ZODB),
modelled as two authentication plugins (IAuthenticationPlugin).

Now, my Zope application (which only sees the PropertiedUser object)
wants to differntiate between Users, which are authenticated against
Kerberos, and the ones authenticated against ZODB.

In former PAS versions (1.0.x) there was the "plugin id mangling", so



  krb__wlang or zodb__wlang
  ^^^           ^^^^

I see that the mangling is replaced by a plugin property named
"prefix". However, if i set the properties of my authentication
plugins, the user_id still is "wlang" (without prefix) in both
cases. The reason for this is (looking into the ZODBUserManager
plugin), that the "authenticateCredentials" method doesnt honor the
"prefix" property:

    def authenticateCredentials( self, credentials ):
        userid = self._login_to_userid.get( login, login )
        reference = self._user_passwords.get(userid)

        if <password correct>:
            return userid, login

So whats the proposed way to discriminate users wrt the auth plugin?
Am i missing something?

I'm willing the write patches and tests, but want to make sure, that i
understand the idea behind mangling, prefix and plugin



willi.langenber...@wu.ac.at            Fax: +43/1/31336/39207
IT-Services,     WU Wirtschaftsuniversitaet Wien,     Austria
Zope-PAS mailing list

Reply via email to