[Zope-PAS] Scriptable Plug-in Issues

Jeff Peterson jeff.peterson at crary.com
Wed Aug 6 18:01:29 EDT 2008


I am trying to use PAS for a project requiring authentication.  Here are the expectations:

1)      Should accept a login/pass in the initial request.  In other words, I want to be able to place a login widget on another page and login from there by passing the credentials in the initial request.

2)      If login/password are not in the initial request, I want to challenge for credentials at this point.

3)      Given valid credentials, it should authenticate against a Postgres DB.  If authentication succeeds I would like a user object to be created and given a local role defined for that folder (the folder that the acl_users folder resides) and taken to the application.  If it fails it should continue to challenge with appropriate error messages until the user gives up or enters proper credentials.

What I have done:

1)      Added a PAS object (acl_users folder) in the application's root folder.

2)      Inside the acl_users folder I have added a scriptable plug-in object.

3)      Inside the scriptable plug-in container, I have added a Script "challenge", updated it under the "interfaces" tab and activated it under the "activate" tab.

4)      Added request and response to the parameter list of the "challenge" Script.

5)      Created a page template called "login.html" in the same folder.

6)      Added this code to the "challenge" script:

1.       response.redirect(getattr(container, 'login.html').absolute_url(), lock=1)

2.       return True

7)      Under the "security" tab removed all checks under "Acquire permission settings?"

At this point I expected that browsing to the url of the app with no credentials would produce the login.html page as an attempt at a challenge.  What I get is, after, many seconds, is a Proxy Error explaining it cannot read from the server.  I am fairly sure it is running the "challenge" script.  If I remove one of the parameters it complains that the script expects one argument and is receiving two.  I also referenced a garbage attribute of request to produce an AttributeError.   Something, however is amiss.

I have stared at the code and pored over the old mailing list posts but I cannot seem to get any further.    Is there a how-to or anyone who has worked a scriptable plugin willing to help me a long?  Any sort of a nudge in the right direction would be wonderful.

I am currently using Zope 2.8.7 and PAS 1.2-final

Thanks in advance.


Jeffrey D Peterson
Crary Industries, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/zope-pas/attachments/20080806/3c387abb/attachment.html

More information about the Zope-PAS mailing list