[Zope] custom authentication

Dieter Maurer dieter@handshake.de
Wed, 5 Mar 2003 20:19:19 +0100


Andrew Altepeter wrote at 2003-3-4 15:57 -0600:
 > ...
 > > Have a look at CookieCrumber (as an example).
 > 
 > Ok, I see.  It seems that exUserFolder is an incomplete product then,
 > since it does not override the unauthorized method.  As such, it cannot
 > prevent Basic auth's from slipping through unannounced...?
 > __________
 > Looking in CookieCrumbler.py, I see that the __call__ method replaces
 > the response.unauth methods.  But when I try to do that, I get a
 > complaint from zope:
 >   File "/usr/local/Zope/lib/python/ZPublisher/HTTPResponse.py", line
 > 662, in exception
 >     self._unauthorized()
 > TypeError: unbound Python method must be called with PortalUserFolder
 > 1st argument
 > ----------
 > ....
 > HTTPResponse.unauthorized = PortalUserFolder.unauthorized

You have set it to a class method (more precisely, an
"unbound method instance"). To help prevent trivial
programming errors, they check that an object of the
correct type is passed in.

You get the underlying function through the "im_func" pseudo
attribute. Thus, you use

   HTTPResponse.unauthorized = PortalUserFolder.unauthorized.im_func


Dieter