[Zope] LoginManager broken?

Mayers, Philip J p.mayers@ic.ac.uk
Tue, 12 Dec 2000 11:26:05 -0000


Ye gods...

Ok, steps I had to take to get LoginManager working

1) Create a folder, call it "test"
2) In that folder, add a LoginManager with a GenericUserSource, with *just*
"Basic Auth Login" selected. Leave the rest as defaults.
3) In the newly-created ACL-users folder, you'll find "forbiddenPage",
"loginForm" and "logoutForm" - you can delete loginForm.
   Give logoutForm and forbiddenPage the "Manager" proxy role
4) In the UserSource folder/object underneath acl_users, add
   a) A connection to the SQL database you'll be using
   b) an SQL method "check_user" with a parameter "username", which does a
"select username from usertable where username = <dtml-sqlvar username
type=string>"
   c) an SQL method "check_user" with parameters "username" and "password",
which does a "select username from usertable where username = <dtml-sqlvar
username type=string> and password = <dtml-sqlvar password type=string>"
   d) an SQL method "get_roles" with a paramter "username" that does "select
groupname from group_members where username = <dtml-sqlvar username
type=string>" (or whatever is appropriate for your database)

5) Add the DTML methods WITH A DIFFERENT NAME - DON'T add
userAuthenticate,userExists,userRoles - add (say)
xuserAuthenticate,xuserExists,xuserRoles
   a) xuserExists should read:

<dtml-in "HDB_check_user(username=username)">
  <dtml-if "_['sequence-item'].username == username">
    <dtml-return "_.int('1')">
  </dtml-if>
</dtml-in>

<dtml-return "_.int('0')">

   b) xuserAuthenticate should read:

<dtml-in "HDB_check_password(username=username,password=password)">
  <dtml-if "_['sequence-item'].username == username">
    <dtml-return "_.int('1')">
  </dtml-if>
</dtml-in>

<dtml-return "_.int('0')">

   c) xuserRoles should read

<dtml-call "REQUEST.set('ret', '')">
<dtml-in "HDB_get_roles(username=username)">
  <dtml-call "REQUEST.set('ret', ret+' '+groupname)">
</dtml-in>

<dtml-return ret>


6) Give the "Manager" proxy role to the DTML methods, so they can access the
SQL methods you just created
7) Turn off acquisition of the permissions on the test folder, and be sure
to add read permissions to any local roles you're using
8) Make a copy of the test folder now, before it all goes wrong...
9) Batch rename the DTML method (e.g. s/x(.*)/$1/g in perl-speak) - if
you're lucky, it will work.

I have to say, I'm not hugely impressed...

Regards,
Phil

+----------------------------------+
| Phil Mayers, Network Support     |
| Centre for Computing Services    |
| Imperial College                 |
+----------------------------------+  

-----Original Message-----
From: Mayers, Philip J [mailto:p.mayers@ic.ac.uk]
Sent: 11 December 2000 20:34
To: 'zope@zope.org'
Subject: RE: [Zope] LoginManager broken?


Thanks, I'll take a look.

Re: LoginManager - After a fast turnaround (confirming my ample faith in
Open Source software) Magnus Heino pointed me in the right direction - the
dtml methods and SQL objects need to be inside the UserSource folder, *not*
the LoginManager folder as the Howto implies (or maybe I just can't
read...). Can someone confirm that the SQL methods need to be inside the
UserSource folder? (which is mildly annoying, but there we go...)

I'm still having some problems getting multiple roles working, but it's
behaving itself for now. Now all I have to do is solve my LIMIT problem...

Regards,
Phil

+----------------------------------+
| Phil Mayers, Network Support     |
| Centre for Computing Services    |
| Imperial College                 |
+----------------------------------+  

-----Original Message-----
From: dan@sol.control.com [mailto:dan@sol.control.com]
Sent: 11 December 2000 20:18
To: Mayers, Philip J
Cc: 'zope@zope.org'
Subject: Re: [Zope] LoginManager broken?


You might look at http://www.zope.org/Members/dlpierson/sqlLogin for a
different approach that works for me in early testing.  Note that it
needs additional work before being turned loose on a live site.

Dan Pierson

"Mayers, Philip J" <p.mayers@ic.ac.uk> writes:

> Does it even *work*? Even a little bit? Because other than repeating the
> same process 12 damn times, so far I'm not convinced. Maybe I'll look in
the
> source code to see if there's actually anything in the files (other than a
> HOWTO.txt, which is empty, which BTW is more annoying than there not being
> one).
> 
> The "LoginManager with SQL database" on the Zope site seems to end up with
> me having a folder I can't access through the management interface (unless
> you count "management" as "this is the index_html" document) Wow, thanks!
> Now I have to delete it and start all over again...
> 
> In all seriousness - there *must* be one person who has gotten an
SQL-backed
> LoginManger working with 2.2.4 - surely?
> 
> Thanks for all the great work (little bugs aside...) - Zope is a wonderful
> product! Now if only it could serve XML as well as Cocoon...
> 
> Regards,
> Phil
> 
> +----------------------------------+
> | Phil Mayers, Network Support     |
> | Centre for Computing Services    |
> | Imperial College                 |
> +----------------------------------+  
> 
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists - 
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )

_______________________________________________
Zope maillist  -  Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )