Am Freitag, 3. Februar 2006 17:11 schrieb Rupert Redington:
> Florian Lindner wrote:
> > Am Freitag, 3. Februar 2006 04:07 schrieb Gary Poster:
> >> On Feb 2, 2006, at 4:41 PM, Florian Lindner wrote:
> >>> Hello,
> >>> I'm still desperately trying to figure out the
> >>> PluggableAuthentication.
> >> Since no one has replied, I'll try my "30-second remediation"
> >> technique again. ;-) That means I didn't really follow exactly what
> >> you are doing, and I'm just trying for low-hanging fruit to help
> >> you. :-)
> > :-)
> > :
> >>> I perform the following steps:
> >>> 1) Create an instance of my folderish, possible site (named A),
> >>> content
> >>> object.
> >>> 2) I create a site in it.
> >>> 3) I add a PAU in the default software space
> >>> 4) I add a SessionCredentialsPlugin and a PrincipalFolder as plugins.
> >>> 5) I create a internal principal with "Title" =
> >>> "zope.Manager" (tried also
> >>> other ones). name = abc
> >>> 6) In the SessionCredentialsPlugin I leave to "loginForm.html". I've a
> >>> loginForm.html view in my A-object)
> >>> 7) I register all components (SessionCreadentiasPlugin,
> >>> PrincipalFolder and
> >>> PAU)
> >> So that means that http://127.0.0.1:8080/++etc++site/default/test.pau/
> >> @@configure.html (or similar) has one credentials plugin in the right
> >> column ("Session Credentials (a utility)") and one authenticator
> >> plugin in the right column ("PrincipalFolder (a utility)" or
> >> something like that). Right?
> >> If not, make it so. :-)
> > It was already like that, forgot to mention it.
> >> If that doesn't work, try making the right column of the Credentials
> >> Plugins field be "No Challenge if Authenticated (a utility)" first
> >> and then "Session Credentials (a utility)" second. That's probably
> >> what you want anyway.
> > Changed it a bit.
> > I'm not redirected to the loginForm.html but a "Not authorized" page.
> > Anything else is the same. I wonder why I'm not authorized, because in
> > the authenticateCredentials() function the internal.title returns:
> > (Pdb) internal.title
> > u'zope.Manager'
> > Which should be authorized for anything.
> > Hope you can hang the fruits a few centimeter lower... ,-)
> If this fruit is low enough for me I'll be very surprised, and you've
> probably done this already, but:
> Does the Principal you've added to your PAU authentication plugin have a
> grant on the site/folder you're trying to access?
I've given the principal the title (which is AFAIK the same as role)
zope.Manager, which IMO does not need further grants.
Another way I've tried: I've created a principal with title CS.User.
In my configure.zcml I have:
title="centershock.net user" />
The ressource I try to access has security declarations:
Or do I need further grants or anything? Or do I misunderstand the title
attribute of the principal.
Zope3-users mailing list