Re: AW: [Zope3-Users] efficiency of PAU authentication

Tue, 06 May 2008 17:46:18 -0700 

I write some code to realize session-cache RDB authentication.
RDBPluggableAuthentication is a new PAU, which works well after my testing.

class RDBPluggableAuthentication(PluggableAuthentication):
        """new session-cache PluggableAuthentication"""
        
        def authenticate(self, request):
                authenticatorPlugins = [p for n, p in 
self.getAuthenticatorPlugins()]
                for name, credplugin in self.getCredentialsPlugins():
                        credentials = credplugin.extractCredentials(request)
                        for authplugin in authenticatorPlugins:
                                if authplugin is None:
                                    continue
                                authplugin._v_sessdata = 
ISession(request)['mn.authcache'] #in order to
get sessionData
                                return 
authplugin.authenticateCredentials(credentials)
                return None
        def getPrincipal(self, id):
                if not id.startswith(self.prefix):
                        next = queryNextUtility(self, IAuthentication)
                        if next is None:
                                raise PrincipalLookupError(id)
                        return next.getPrincipal(id)
                raise PrincipalLookupError(id) #ok for groups checking, not 
sure for other
invokers

class RDBAuthenticator(SQLexec):
        """select login, pwd, name, role from tuser where login=<dtml-sqlvar 
login
type="string">;"""
        implements(IAuthenticatorPlugin)
        
        def __init__(self, prefix = ''):
                self.prefix = prefix
                self._v_sessdata = None
        
        def authenticateCredentials(self, credentials):
                if not (credentials and 'login' in credentials and 'password' in
credentials):
                        return
                login, password = credentials['login'], credentials['password']
                prin_cache = self._v_sessdata and 
self._v_sessdata.get('principal', None)
                if prin_cache and prin_cache.id[len(self.prefix):] == login and
getattr(prin_cache, 'pwd', None) == password:
                        return prin_cache
                result = self.execute(self.__doc__, login=login)
                if not result:
                        return
                usr = result[0]
                if password != usr.pwd.strip():
                        return
                prin = RDBPrincipal(self.prefix + login, usr.name, usr.name)
                prin.pwd = password
                prin.groups.extend(usr.role.split(','))
                self._v_sessdata['principal'] = prin
                return prin
                        
        def principalInfo(self, id):
                pass #no invoking from getPrincipal
                
class RDBPrincipal(Persistent, Principal):
        groups = PersistentList()

-- 
View this message in context: 
http://www.nabble.com/efficiency-of-PAU-authentication-tp16972305p17093684.html
Sent from the Zope3 - users mailing list archive at Nabble.com.

_______________________________________________
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users

Reply via email to