[Checkins] SVN: Products.PluggableAuthService/branches/shh-15-masquerading/Products/PluggableAuthService/ User masquerading. Adapted from a patch against PAS 1.0.4.

[Wichert Akkerman]

Hi Stefan,

Previously Stefan H. Holek wrote:
> Log message for revision 97359:
>   User masquerading. Adapted from a patch against PAS 1.0.4.
>   
>   Logging in as AUTHUSER/ROLEUSER (e.g. 'admin/jdoe') authenticates
>   against AUTHUSER but returns ROLEUSER. As a security precaution,
>   AUTHUSER must have the Manager role. Note: AUTHUSER and ROLEUSER
>   must live in the same user folder.

What happens if someone as a / in his login name? How do you plan to
deal with differing login and usernames?

Is there a reason this is not doable with plugins?


Wichert.

-- 
Wichert Akkerman <wichert at wiggy.net>    It is simple to make things.
http://www.wiggy.net/                   It is hard to make things simple.