[Zope-PAS] Passwordless authentication

Lennart Regebro regebro at nuxeo.com
Mon Aug 30 13:00:36 EDT 2004


Zachery Bir wrote:
> Actually, PAS supports it. There are no assumptions made on what 
> constitutes valid credentials. For something like this, though, you'll 
> probably want a plugin that does both IExtractCredentialsPlugin and 
> IAuthenticateCredentialsPlugin (since they will likely know what to look 
> for from each other).

It works with this little change:

     security.declarePrivate( '_mangleId' )
     def _mangleId( self, namespace, id ):
	if id.find(MANGLE_DELIMITER) != -1:
             return id
         return MANGLE_DELIMITER.join( ( namespace, id ) )

So that double mangling is prevented. That way the Authentication plugin 
can return the correct mangled user_id of the user.

Otherwise, the enumeration and authentication plugins has to be the 
same, which doesn't work in this case, because then the extraction, 
authentication and enumeration plugins has to be the same, and then you 
really have no point in having a plugin-architecture at all, unless the 
various plugins are independant of each other.

//Lennart


More information about the Zope-PAS mailing list