Hi, I need to make an authenticated call from one Zope server to another. Although the two servers share most of their object trees (including the main user folder) through a common ZEO ClientStorage, I have to call the script on a _specific_ machine, since it will make changes to the local file system. So basically, I want to do something similar to calling http://currentUID:currentPWD@other_host/makeLocalChanges Now my problem(I'm using ZPublisher.Client): I have to make that call with the current (!) user's name and password (which are stored on both machines thanks to the ClientStorage) but the passwords in my user folder are encrypted - which I had thought was a (TM) good thing. :-) So calling _getPassword() on the user object gives me something that starts with "{SHA}", which ZPublisher.Client.call() won't eat - it expects a plain password and then does the usual base64. How can I accomplish this? I figure I either need to - find a way to get the unencrypted password. I consider this the less elegant (and less secure) approach: I don't want to _know_ the current user's password, I just want to _use_ it... :-) - use a different approach to call the other server (like passing a copy of the current Auth header or something...) I'm not sure how to do either... Thank you very much for your help, Danny
On March 26, Danny W. Adair wrote:
- use a different approach to call the other server (like passing a copy of the current Auth header or something...)
BaseRequest._auth holds the original auth header, so you can just forward it along. a. -- Adrian van den Dries adriand@flow.com.au Development team www.dev.flow.com.au FLOW Communications Pty. Ltd. www.flow.com.au
At 10:04 AM 3/26/2003 +1100, Adrian van den Dries wrote:
On March 26, Danny W. Adair wrote:
- use a different approach to call the other server (like passing a copy of the current Auth header or something...)
BaseRequest._auth holds the original auth header, so you can just forward it along.
Thanks. How would I do that? ZPublisher.Client.call() is very convenient but only takes url,username,pwd... Is there a workaround, maybe with urllib? Thanks you, Danny
On March 26, Danny W. Adair wrote:
Thanks. How would I do that? ZPublisher.Client.call() is very convenient but only takes url,username,pwd...
import base64 user, pass = base64.decodestring(req._auth.split(' ')[1]).split(':') a. -- Adrian van den Dries adriand@flow.com.au Development team www.dev.flow.com.au FLOW Communications Pty. Ltd. www.flow.com.au
At 10:23 AM 3/26/2003 +1100, Adrian van den Dries wrote:
On March 26, Danny W. Adair wrote:
Thanks. How would I do that? ZPublisher.Client.call() is very convenient but only takes url,username,pwd...
import base64 user, pass = base64.decodestring(req._auth.split(' ')[1]).split(':')
Nice. Thank you! Btw, I changed "pass" to "pwd" :-) Danny
Danny W. Adair wrote:
At 10:23 AM 3/26/2003 +1100, Adrian van den Dries wrote:
On March 26, Danny W. Adair wrote:
Thanks. How would I do that? ZPublisher.Client.call() is very convenient but only takes url,username,pwd...
import base64 user, pass = base64.decodestring(req._auth.split(' ')[1]).split(':')
Nice.
and then when the users's password contains a ':' ...
On Tue, 2003-03-25 at 23:35, Jamie Heilman wrote:
Danny W. Adair wrote:
At 10:23 AM 3/26/2003 +1100, Adrian van den Dries wrote:
On March 26, Danny W. Adair wrote:
Thanks. How would I do that? ZPublisher.Client.call() is very convenient but only takes url,username,pwd...
import base64 user, pass = base64.decodestring(req._auth.split(' ')[1]).split(':')
and then when the users's password contains a ':' ...
user, pass = base64.decodestring(req._auth.split(' ')[1]).split(':', 1) Cheers, Leo -- Ideas don't stay in some minds very long because they don't like solitary confinement.
participants (4)
-
Adrian van den Dries -
Danny W. Adair -
Jamie Heilman -
Leonardo Rochael Almeida