On Wednesday 12 April 2006 12:54, Pete Taylor wrote:
> i have built a credentials plugin and an authenticator plugin, and set
> them up in my PAU.  i built the credentials plugin such that if no
> credentials a recieved in the request, it checks the cookies for the
> expected credentials, and if they're there, builds the necessary
> credentials dict out of that instead, and returns that back for the
> authenticator plugin to use.

Aehm, this is exactly what the SessionCredentials do.

> the login logic then, assuming a principal is infact returned from
> pau.authenticate(self.request) (either because the cookies have the
> credentials or the request did), returns back
> self.request.setPrincipal(principal) and sets the cookies for the next
> use (in the case that the credentials were found in the request, but
> hadn't been set yet).
> my login form's action looks like this:
>     @form.action('Login')
>     def handle_login_action(self, action, data):
>         lsm = component.getSiteManager(context=self.context)
>         pau = component.getUtility(IAuthentication, context=lsm)
>         principal = pau.authenticate(self.request)
>         if principal is not None:
>             self.setCookies()
>             #i've both used this and not used this...
>             #doesn't seem to affect anything one way or the other
>             self.request.setPrincipal(principal)

Why are you doing this by hand? The authentication service should do all of 
this for you.

> as a bit of extra background, i have a viewlet that needs to be aware
> of request.principal.  in tales, i did a bit of tracking of "where and
> when" the current self.request was aware of request.principal.  the
> primary page view found request/principal/id every time.  the viewlet
> could find request/principal/id in tales, but not in the viewlet class
> (a form.Form), even though self.request is super'd up through.  i
> attempted, in the viewlet, to look at
> "self.__parent__.request.principal" since i set __parent__ to the view
> that comes in on __init__, and i know that view can see
> request.principal, since it shows up in tales every time.
> still no luck, it always throws AttributeError on request.principal.

All this will work, if you use PAU correctly.

I strongly suggest setting up a simple PAU, all with standard components. It 
is really not that hard and work beautifully.

Stephan Richter
CBU Physics & Chemistry (B.S.) / Tufts Physics (Ph.D. student)
Web2k - Web Software Design, Development and Training
Zope3-users mailing list

Reply via email to