<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2658.24">
<TITLE>Authentication question</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2 FACE="Arial">Hi All. Hope this hasn't been answered elsewhere, but I've looked through zope3-users and zope3-dev email and chat logs, and can't find an answer.</FONT></P>
<P><FONT SIZE=2 FACE="Arial">After working through philiKON's web component development book, I decided to move to zope3.1 (mostly because I wanted to snag the homefolder code, which of course he also wrote). In the process of doing this, I decided to subclass and override some of IPrincipalFolder. I create a folder, turn it into a site, add a pluggableAuthentication utility (non-named), and create my new principal folder implementation. I can create new principals of my own type in these folders... (I wanted to use role manager to add some roles at creation time, rather than explicitly granting them at different locations through the ZMI). That part seems to be working.</FONT></P>
<P><FONT SIZE=2 FACE="Arial">However...</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">I can't actually log in with my new user's credentials. If I connect to specific resources over xmlrpc using my new set of credentials, it works, I can connect to and modify objects with my new principal. But logging in over the web fails. I'm using cookieauth, almost line for line from the web component development book, and it does, if I dump a bunch of debug statements in, prove to be working as the ILoginPassword interface that's getting the info when I post up my username/password (as zope_user, zope_pass). </FONT></P>
<P><FONT SIZE=2 FACE="Arial">After some digging, I noticed that in zope.app.security.principalregistry where it's implementing IAuthentication.authenticate it checks for __principalsByLogin[login]. That dictionary only ever, for me, contains my administrative user (when I throw in some print statements to verify). Since it's called by zope.app.publication in beforeTraversal, that makes sense that it's only checking local registry, but I don't know how to push it along to check the next IAuthentication implementation available.</FONT></P>
<P><FONT SIZE=2 FACE="Arial">I may, also, be going about this the wrong way. Any thoughts?</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">Pete Taylor</FONT>
<BR><FONT SIZE=2 FACE="Arial">THIG Systems</FONT>
<BR><FONT SIZE=1 FACE="Arial">(desk) 352.333.1722</FONT>
<BR><FONT SIZE=1 FACE="Arial">(cell) 352.359.0073</FONT>
</P>
<BR>
<BR>
<BR>
<BR>
<P><FONT SIZE=2 FACE="Arial">CONFIDENTIAL NOTICE: This email including any attachments, contains </FONT>
<BR><FONT SIZE=2 FACE="Arial">confidential information belonging to the sender. It may also be </FONT>
<BR><FONT SIZE=2 FACE="Arial">privileged or otherwise protected by work product immunity or other </FONT>
<BR><FONT SIZE=2 FACE="Arial">legal rules. This information is intended only for the use of the </FONT>
<BR><FONT SIZE=2 FACE="Arial">individual or entity named above. If you are not the intended </FONT>
<BR><FONT SIZE=2 FACE="Arial">recipient, you are hereby notified that any disclosure, copying, </FONT>
<BR><FONT SIZE=2 FACE="Arial">distribution or the taking of any action in reliance on the contents </FONT>
<BR><FONT SIZE=2 FACE="Arial">of this emailed information is strictly prohibited. If you have </FONT>
<BR><FONT SIZE=2 FACE="Arial">received this email in error, please immediately notify us by </FONT>
<BR><FONT SIZE=2 FACE="Arial">reply email of the error and then delete this email immediately.</FONT>
</P>
</BODY>
</HTML>