Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

OpenID authentication support for PAS

Project Description
OpenID PAS support
==================

Introduction
------------

This product implements OpenID_ authentication support for Zope_ via a
Pluggable Authentication Service plugin.

Using this package everyone with an OpenID authentity will be able to
login on your Zope site. OpenID accounts are not given any extra roles
beyond the standard Authenticated role. This allows you to make a distinction
between people that have explicitly signed up to your site and people
who are unknown but have succesfully verified their identity.

.. _Zope: http://www.zope.org/
.. _OpenID: http://www.openidenabled.com/

Authentication flow
-------------------

The OpenID authentication flow goes like this:

- user submits a OpenID identity (which is a URL) to you site. This is
done through a HTTP POST using a form variable called ``__ac_identity_url``
- the PAS plugin sees this variable during credential extraction and
initiates a OpenID challenge. This results in a transaction commit and
a redirect to an OpenID server.
- the OpenID server takes care of authenticating the user and redirect the
user back to the Zope site.
- the OpenID PAS plugin extracts the information passed in via the OpenID
server redirect and uses that in its authentication code to complete the
OpenID authentication

Session management
------------------

The PAS plugin only takes care of authenticating users. In almost all
environments it will be needed to also setup a session so users stay
logged in when they visit another page. This can be done via a special
session management PAS plugin, for example `plone.session`_.

.. _plone.session: http://pypi.python.org/pypi/plone.session
Changelog
=========

2.0 - 2010-07-18
----------------

* Package metadata cleanup and definition of all package dependencies.
[hannosch]

* Relicense to BSD.
[Plone Foundation]

* Refactor tests to be simple python test cases. This removes
all dependencies on Plone code.
[wichert]

* Specify package dependencies.
[hannosch]

* Handle the case where the handles for a given domain are empty but a
request for them is made anyway. This fixes
http://dev.plone.org/plone/ticket/9178
[jvloothuis]

1.2 - 2008-08-19
----------------

* Fixed bug where you could not log in via OpenID, immediately log out,
and then immediately log in again.
[davisagli]

* Upgraded to python-openid>=2.2.1 to fix handling of OpenID providers
that use identifier recycling. (c.f.
http://developer.yahoo.com/openid/faq.html) This closes
http://dev.plone.org/plone/ticket/8051.
[davisagli]

* Use the OpenID "claimed identifier" so that the proper identity URL is
displayed when using delegation.
[davisagli]

1.1 - 2008-04-21
----------------

* Writing test and fixes for bug #7176 whereby a traceback
was produced when an empty string identity was placed in the openid
login form.
[andrewb]

* Do not enable OpenID support if python has no SSL support.
[wichert]

1.0.1 - 2007-11-09
------------------

* Also accept https URLs as valid identifiers. This fixes
http://dev.plone.org/plone/ticket/7298
[wichert]

1.0 - 2007-08-15
----------------

* First stable release
[wichert]
Release History

Release History

History Node

2.0.4

History Node

2.0.3

History Node

2.0.2

History Node

2.0.1

This version
History Node

2.0

History Node

1.2

History Node

1.1.1

History Node

1.1

History Node

1.0.1

History Node

1.0

History Node

1.0rc1

History Node

1.0b3

History Node

1.0b2

History Node

1.0b1

History Node

0.9

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
plone.openid-2.0.zip (22.5 kB) Copy SHA256 Checksum SHA256 Source Jul 18, 2010

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting