Skip to main content

OpenID authentication support for PAS

Project description

OpenID PAS support

Introduction

This product implements OpenID authentication support for Zope via a Pluggable Authentication Service plugin.

Using this package everyone with an OpenID authentity will be able to login on your Zope site. OpenID accounts are not given any extra roles beyond the standard Authenticated role. This allows you to make a distinction between people that have explicitly signed up to your site and people who are unknown but have succesfully verified their identity.

Authentication flow

The OpenID authentication flow goes like this:

  • user submits a OpenID identity (which is a URL) to you site. This is done through a HTTP POST using a form variable called __ac_identity_url

  • the PAS plugin sees this variable during credential extraction and initiates a OpenID challenge. This results in a transaction commit and a redirect to an OpenID server.

  • the OpenID server takes care of authenticating the user and redirect the user back to the Zope site.

  • the OpenID PAS plugin extracts the information passed in via the OpenID server redirect and uses that in its authentication code to complete the OpenID authentication

Session management

The PAS plugin only takes care of authenticating users. In almost all environments it will be needed to also setup a session so users stay logged in when they visit another page. This can be done via a special session management PAS plugin, for example plone.session.

Changelog

2.0.5 (2019-03-29)

  • Fixed error caused by PAS inserting login=None in the openid query. Fixes issue 10. [maurits]

2.0.4 (2015-03-21)

  • Removed unused testing code with dependency to PloneTestCase [tomgross]

2.0.3 (2015-02-11)

  • Ported tests to plone.app.testing [tomgross]

2.0.2 (2013-12-07)

2.0.1 (2012-12-09)

2.0 - 2010-07-18

  • Package metadata cleanup and definition of all package dependencies. [hannosch]

  • Relicense to BSD. [Plone Foundation]

  • Refactor tests to be simple python test cases. This removes all dependencies on Plone code. [wichert]

  • Specify package dependencies. [hannosch]

  • Handle the case where the handles for a given domain are empty but a request for them is made anyway. This fixes http://dev.plone.org/plone/ticket/9178 [jvloothuis]

1.2 - 2008-08-19

  • Fixed bug where you could not log in via OpenID, immediately log out, and then immediately log in again. [davisagli]

  • Upgraded to python-openid>=2.2.1 to fix handling of OpenID providers that use identifier recycling. (c.f. http://developer.yahoo.com/openid/faq.html) This closes http://dev.plone.org/plone/ticket/8051. [davisagli]

  • Use the OpenID “claimed identifier” so that the proper identity URL is displayed when using delegation. [davisagli]

1.1 - 2008-04-21

  • Writing test and fixes for bug #7176 whereby a traceback was produced when an empty string identity was placed in the openid login form. [andrewb]

  • Do not enable OpenID support if python has no SSL support. [wichert]

1.0.1 - 2007-11-09

1.0 - 2007-08-15

  • First stable release [wichert]

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

plone.openid-2.0.5.tar.gz (15.3 kB view details)

Uploaded Source

File details

Details for the file plone.openid-2.0.5.tar.gz.

File metadata

  • Download URL: plone.openid-2.0.5.tar.gz
  • Upload date:
  • Size: 15.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.18.4 setuptools/40.8.0 requests-toolbelt/0.8.0 tqdm/4.19.4 CPython/2.7.15

File hashes

Hashes for plone.openid-2.0.5.tar.gz
Algorithm Hash digest
SHA256 7782c57f8ae0c302348fa28a2863ea54f4e7772b4d3121db7c4eb6bdf05a4341
MD5 e2d218351aead2272b44226b81ffd39d
BLAKE2b-256 58d166201cb57d1013f65a6c19753905fda04a742a6c27fc2b88bc700e965333

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page