Hi ALL,<br><br>I have been doing an authentcation package with signup and login/logout features using PAU. When i refered to philips book and the worldcookery example i found the following codes in the signup logic. <br><br>
class SignUpView(BaseSignUpView):<br><br> signUpForm = ViewPageTemplateFile('<a href="http://signup.pt">signup.pt</a>')<br><br> def signUp(self, login, title, password, confirmation):<br> if confirmation != password:<br>
raise UserError(_(u"Password and confirmation didn't match"))<br> folder = self._signupfolder()<br> if login in folder:<br> raise UserError(_(u"This login has already been chosen."))<br>
principal_id = folder.signUp(login, password, title)<br><br> role_manager = IPrincipalRoleManager(self.context)<br> <br> role_manager = removeSecurityProxy(role_manager) # <- wot does it really do and how does it make the newly<br>
# created user to be authenticated automatically<br> <br> for role in folder.signup_roles:<br> role_manager.assignRoleToPrincipal(role, principal_id)<br>
self.request.response.redirect("@@welcome.html")<br><br>The above logic works well for me too. But if i comment the line 'role_manager = removeSecurityProxy(role_manager)',still user creation and role assignment works. but i am asked to login again right after the signup. and the redirect does not work.<br>
<br>And another apporch i have seen in <br><br><a href="http://kelpi.com/script/e2019a">http://kelpi.com/script/e2019a</a><br><a href="http://kelpi.com/script/f49219">http://kelpi.com/script/f49219</a><br> <br>so i tried to set the principal as<br>
<br>principal=pau.getPrincipal(principal_id)<br>sel.request.setPrincipal(principal)<br><br>and commented the removeSecurityProxy line.<br>But it also gives same result. <br><br>So is there any other way than using removeSecurityProxy(role_manager)? I also would like to know how risky it can be to use removeSecurityProxy in a code with public (zope.public) permission. I Know this is very trivial issue and everyone have gone through this once.<br>
<br>Thanks in advance.<br><br><br>