zope.app.pluggableauth

Pluggable Authenticatin Mechanism (Obselete)

These details have not been verified by PyPI

Project links

Homepage

Development Status
- 5 - Production/Stable
Environment
- Web Environment
Framework
- Zope3
Intended Audience
- Developers
License
- OSI Approved :: Zope Public License
Natural Language
- English
Operating System
- OS Independent
Programming Language
- Python
Topic
- Internet :: WWW/HTTP

Project description

This package provides the original implementation of the pluggable authentication utility. It has been superceded by zope.app.authentication.

Detailed Dcoumentation

New Authentication Service Design

The current implementation will be replaced. The following is a design I came up with together with Jim Fulton. – itamar

Note that this design is implemented (in some form) by the pluggable auth service. This document needs to be updated to reflect the final implementation.

Design notes for new AuthenticationService

The service contains a list of user sources. They implement interfaces, starting with:

class IUserPassUserSource:
    """Authenticate using username and password."""

    def authenticate(username, password):
        "Returns boolean saying if such username/password pair exists"


class IDigestSupportingUserSource(IUserPassUserSource):
    """Allow fetching password, which is required by digest auth methods"""

    def getPassword(username):
        "Return password for username"

etc. Probably there will be others as well, for dealing with certificate authentication and what not. Probably we need to expand above interfaces to deal with principal titles and descriptions, and so on.

A login method (cookie auth, HTTP basic auth, digest auth, FTP auth), is registered as a view on one of the above interfaces.

class ILoginMethodView:

      def authenticate():
           """Return principal for request, or None."""

      def unauthorized():
           """Tell request that a login is required."""

The authentication service is then implemented something like this:

class AuthenticationService:

    def authenticate(self, request):
        for us in self.userSources:
             loginView = getView(self, us, "login", request)
             principal = loginView.authenticate()
             if principal is not None:
                 return principal

    def unauthorized(self, request):
        loginView = getView(self, self.userSources[0], request)
        loginView.unauthorized()

CHANGES

3.4.0 (2007-10-25)

Initial release independent of the main Zope tree.

Project details

These details have not been verified by PyPI

Project links

Homepage

Development Status
- 5 - Production/Stable
Environment
- Web Environment
Framework
- Zope3
Intended Audience
- Developers
License
- OSI Approved :: Zope Public License
Natural Language
- English
Operating System
- OS Independent
Programming Language
- Python
Topic
- Internet :: WWW/HTTP

Release history Release notifications | RSS feed

This version

3.4.0

Oct 25, 2007

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

zope.app.pluggableauth-3.4.0.tar.gz (12.5 kB view details)

Uploaded Oct 25, 2007 Source

File details

Details for the file zope.app.pluggableauth-3.4.0.tar.gz.

File metadata

Download URL: zope.app.pluggableauth-3.4.0.tar.gz
Upload date: Oct 25, 2007
Size: 12.5 kB
Tags: Source
Uploaded using Trusted Publishing? No

File hashes

Hashes for zope.app.pluggableauth-3.4.0.tar.gz
Algorithm	Hash digest
SHA256	`54611d1ed3ab04ab7fbc85cd6dc6e9193073bfaf14b6f81e9a4ee76cea1ad3f2`
MD5	`7cf294005f10ceefb4774c7468006762`
BLAKE2b-256	`3e0ffef14d2e3e91d3577101756dcb951c9a0f62522bd201b3a342de7577449c`