Hi, apart from Session Credentials, I would also have Zope Realm Basic-Auth in my credentials plugin (as the last one).
For the normal browser based access, the session credentials plugin does the work. For XMLRPC access, I fall back on 'Zope Realm Basic-Auth'. The URL for XMLRPC server proxy would include login and password information like: objProxy = xmlrpclib.Server('http://login:[EMAIL PROTECTED]:8080/path/to/object") objProxy.method(arguments) Hope this helps. With regards, -Shailesh On 8/18/07, C. H. <[EMAIL PROTECTED]> wrote: > > > I'm having difficulty accessing zope 3 objects using xmlrpc in my > application, so > I've gone back into the 22auth example of Phillip von Weitershausen's > excellent book and > made some simple modifications to elucidate my question in a simple > environment > which I describe here: > > created a zope 3 instance > created a site named wcsite > created a folder named rfolder > created a recipe named r1 > created a recipe named r2 > > configured a PAU (at the wcsite level) > with > "No Challenge if Authenticated" > "Session Credentials" > > created a Principal Folder named users > > Access using a browser works fine. If I attempt to access an object > that an unauthenticated > user has no access to, I'm presented with a login page and after > logging in, I acquire and retain access > until I logout. That's good. > > I modified Phillip's example python code worldcookery/xmlrpc/ > recipe.py to authenticate using > a user=u1 and password=p1 (or so I think, hence my problem). That > program is shown below. > > To test: > First, in a browser I log in a manager and I edit the wcsite roles > and permissions to grant the Site Manager role to All Users. > > then run > displayandedit.py http://sasa.local:8080/wcsite/rfolder/r1 > > This works fine, so I'm able to locate and access and edit the recipe > data > > Next, (using a browser and logged in as the site manager) > I edit the wcsite roles and permissions to UNSET the Site Manager > role to All Users and > grant the "Visitor of the WorldCookery website" role to All Users. > Further, I edit wcsite/rfolder/r1 to grant the Site Manager role to > user u1 > So, the user r1 can read everything on the site but can only edit > wcsite/rfolder/r1 > > Now, I rerun displayandedit.py http://sasa.local:8080/wcsite/rfolder/r1 > and get an Unauthorized error: > xmlrpclib.ProtocolError: <ProtocolError for sasa.local:8080/wcsite/ > rfolder/r1: 401 Unauthorized> > > It is my belief that I should be able to provide xmlrpc access to the > r1 user in the recipe.py code > but I can't figure out how. Can someone peruse the code below and > suggest to me the > appropriate technique? The edit method is the one that I modified to > attempt to provide access. > Thanks in advance. > > =================Sample worldcookery/xmlrpc/recipe.py================== > import time > import xmlrpclib > from zope.schema import getFields > from zope.dublincore.interfaces import IZopeDublinCore > from zope.app.publisher.xmlrpc import XMLRPCView > from zope.component import getUtility > from zope.app.security.interfaces import IAuthentication > from zope.app.authentication.interfaces import IPluggableAuthentication > > from worldcookery.interfaces import IRecipe > > def to_unicode(string): > if isinstance(string, unicode): > return string > return string.decode('utf-8') > > class RecipeView(XMLRPCView): > > def info(self): > return dict((field, getattr(self.context, field)) > for field in getFields(IRecipe) > if field not in ('__parent__', '__name__')) > > def dublincore_info(self): > dc = IZopeDublinCore(self.context) > info = dict((field, getattr(dc, field)) > for field in getFields(IZopeDublinCore)) > for name in ('effective', 'created', 'expires', 'modified'): > if info[name]: > epochtime = time.mktime(info[name].timetuple()) > info[name] = xmlrpclib.DateTime(epochtime) > else: > info[name] = '' > return info > > def edit(self, info, user, password): > > edit_return = "" > pau = getUtility(IAuthentication) > # > # make sure there is an authentication utility > # > if not IPluggableAuthentication.providedBy(pau): > edit_return = "# ERROR: No Pluggable Authentication > Utility instance." > return edit_return > else: > edit_return = "\n" + "# found a Pluggable > Authentication Utility instace named " + pau.__name__ > # > # get the authenticator plugin and authenticate credentials > # > for name, plugin in pau.getAuthenticatorPlugins(): > auth_creds = plugin.authenticateCredentials({'login': > user, 'password': password}) > edit_return = edit_return + "\n# authenticated user:" > + auth_creds.login + " title:" + auth_creds.title > > context = self.context > context.name = to_unicode(info['name']) > context.ingredients = \ > [to_unicode(ingr) for ingr in info['ingredients']] > context.tools = [to_unicode(tool) for tool in info['tools']] > context.time_to_cook = info['time_to_cook'] > context.description = to_unicode(info['description']) > > edit_return = edit_return + "\n" + "# Object updated > successfully" > return edit_return > > > _______________________________________________ > Zope3-users mailing list > Zope3-users@zope.org > http://mail.zope.org/mailman/listinfo/zope3-users > _______________________________________________ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users