[Zope-PAS] Proposed challenge implementation
Lennart Regebro
regebro at nuxeo.com
Mon Sep 13 10:39:03 EDT 2004
Here are some changes I made to PluggableAuthService.py to implement
challenge support:
def __call__(self, container, req):
""" The __before_publishing_traverse__ hook. """
req = self.REQUEST
resp = req['RESPONSE']
resp.old_unauthorized = resp._unauthorized
resp._unauthorized = self.challenge
return
def challenge(self):
req = self.REQUEST
resp = req['RESPONSE']
resp.old_unauthorized()
# Go through all challenge plugins
plugins = self._getOb('plugins')
challengers = plugins.listPlugins( IChallengePlugin )
for challenger_id, challenger in challengers:
challenger.challenge(req, resp)
As you notice, this requires the plugins to raise either Unauthorized,
or Redirect. However, anything else is a bit of a special case, and
implementing it will be a major pain in the a...posterior, probably
including some hefty moneky-patching.
This probably means that challenge plugins may not be compatible with
Zope3s PAS implementation. I'm not sure that is a major problem.
What do you think? It works... should I check it in? Or should we look
for a better solution?
//Lennart
More information about the Zope-PAS
mailing list