[BlueBream] PAU + loginpagename = FAIL

Dr. Volker Jaenisch volker.jaenisch at inqbus.de
Wed May 19 18:23:34 EDT 2010

Hi Bluebream list!

Tried to use the PAU feature of the challenge mechanism
of the sessionbasedcredential plugin.

The main registration of PAU :

def createPAU( event ):
    sm = event.object.getSiteManager()
    pau = PluggableAuthentication()
    sm['authentication'] = pau
    sm.registerUtility(pau, IAuthentication)
    users = PrincipalFolder()
    sm['authentication']['Users'] = users
    sm.registerUtility(users, IAuthenticatorPlugin, name="Users")
    pau.credentialsPlugins = ( "No Challenge if Authenticated", "Session 
Credentials" )

    # introduce my own login page
    for name, plugin in pau.getCredentialsPlugins():
        #iterate over all credential plugin tupels
        if hasattr(plugin,'loginpagename'):
            plugin.loginpagename = '@@login'

This code should bring the functionality that an unauthorized user will jump
to the login page (@@login).

I addressed without a former login the following URL

where test11 is my custom site-manager-instance and @@test a empty 
test-view just
containing a pdb in __call__.

class testPage(BrowserPagelet):
    """test pagelet"""

    def __call__(self):
        import pdb; pdb.set_trace()

    def update(self):
        import pdb; pdb.set_trace()

I end up with
Module paste.evalexception.middleware:*306* in |respond|         
|<<  <>        *try**:*
                __traceback_supplement__ *=* 
errormiddleware*.*Supplement*,* self*,* environ
                app_iter *=* self*.*application*(*environ*,* 
                    return_iter *=* list*(*app_iter*)*||>>  
<>app_iter *=* 
self*.*application*(*environ*,* detect_start_response*)*|
Module paste.translogger:*68* in |__call__|         
|<<  <>            
self.write_log(environ, method, req_uri, start, status, bytes)
                return start_response(status, headers)
            return self.application(environ, replacement_start_response)
        def write_log(self, environ, method, req_uri, start, status, 
bytes):||>>  <>*return* 
self*.*application*(*environ*,* replacement_start_response*)*|
Module zope.app.wsgi:*59* in |__call__|         
|<<  <>        handle_errors *=* 
environ*.*get*(*'wsgi.handleErrors'*,* self*.*handleErrors*)*
            request *=* publish*(*request*,* 
            response *=* request*.*response
            # Get logging info from principal for log use||>>  
<>request *=* publish*(*request*,* 
Module zope.publisher.publish:*131* in |publish|         
|<<  <>
                                obj *=* 
                                obj *=* request*.*traverse*(*obj*)*
publication*.*afterTraversal*(*request*,* obj*)*||>>  
<>obj *=* request*.*traverse*(*obj*)*|
Module zope.publisher.browser:*556* in |traverse|         
|<<  <>
                nsteps *=* *0*
                ob*,* add_steps *=* 
publication*.*getDefaultTraversal*(*self*,* ob*)*
                *while* add_steps*:*
                    nsteps *+=* len*(*add_steps*)*||>>  
<>ob*,* add_steps *=* 
publication*.*getDefaultTraversal*(*self*,* ob*)*|
Module zope.app.publication.browser:*36* in |getDefaultTraversal|       
|<<  <>        *if* 
                # ob is already proxied, so the result of calling a 
method will be
                *return* ob*.*browserDefault*(*request*)*
                adapter *=* queryMultiAdapter*(**(*ob*,* request*)**,* 
IBrowserPublisher*)*||>>  <>*return* 
*Unauthorized: (<z3c.pagelet.zcml.testPage object at 0x9e4838c>, 
'browserDefault', 'zope.ManageContent')

*This trace is correct in so far that the view has the following 
permission settings:
  <!-- test form -->

1) The plugin "Session Credentials" is registered and works.
I know this because the "extractCredentials"-Routine of the plugin is 
called and
it is my instance of this plugin because it has its loginpagename set to 
"@@login" which is not the default value.

2) But the "challenge"-routine of the plugin which should bring up the 
login page is never called.

3) I traced that back into PAU itself. The "unauthorized"-routine in
which will in turn call the plugins challenge-routine is also not called.

4) But the routine "unauthenticatedPrincipal" is called which is not 

5) I had the slight suspicion that this has something to do with the 
So I tried to run the bluebream instance not in debug-mode (which 
catches some ecxeptions) but in
deploy-mode utilizing
./bin/paster serve deploy.ini

But this ends in the following stacktrace

2010-05-20T00:08:57 ERROR SiteError Error while reporting an error to 
the Error Reporting utility
Traceback (most recent call last):
line 263, in _logErrorWithErrorReportingUtility
    errUtility = zope.component.getUtility(IErrorReportingUtility)
line 171, in getUtility
    raise ComponentLookupError(interface, name)
ComponentLookupError: (<InterfaceClass 
zope.error.interfaces.IErrorReportingUtility>, '')
<zope.publisher.interfaces.EndRequestEvent object at 0x94185ac>

Any help or idea appreciated


   inqbus it-consulting      +49 ( 341 )  5643800
   Dr.  Volker Jaenisch      http://www.inqbus.de
   Herloßsohnstr.    12      0 4 1 5 5    Leipzig
   N  O  T -  F Ä L L E      +49 ( 170 )  3113748

More information about the bluebream mailing list