On Thu, 16 Nov 2006, Maciej Wisniowski wrote:
Does the 2.7 edition of the zope book that I can find on plope.org cover security as handled by PAS? No. I saw the second message for this, so what I read about order of actions in th 2.7 book will apply to how PAS is working as well? I just don't want to get confused by learning something that isn't actually how my system is working.
If you are interested, the 'RemoteUserAuth' product and it's companion, 'CACSiteRoot', the sources can be downloaded from the tutorial page:
Yup, I've just downloaded those.
Seems that RemoteUserAuth does some dirty hacks in Zope publisher :/ This seems to be from 2004. I'm not sure if it'll work with newer Zope versions. CACSiteRoot seems to translate URLs... something like VirtualHostMonster. But I'm not sure why somebody reinvented the whell so it possibly does something more.
Yeah, I'm not so sure either, but the instructions say to use them, so I'm using them. I think the reason for CACSiteRoot is to preserve the http/https nature of the original request header, but why is not totally clear to me (to say the least) ;)
It'd be great, though if there were zope gurus out there who had experience working with pubcookie. I've found a few messages on boards from a while back that seemed to indicate that there were folks working on a PAS plugin that would incorporate pubcookie, but I haven't seen any information indicating that that was ever successful. Hm... I've looked at: http://www.pubcookie.org/docs/how-pubcookie-works.html
This is not detailed enough but seems that it should be not difficult to do it with PAS. In general it is a bit similiar to CAS solution, but CAS doesn't use so much cookies. I mean CAS4PAS may be a good base for Pubcookie4PAS :)
If you want to know more about PAS take a look into it's sources at interfaces.py and docs/. Yeah, I knew I'd need to get good at reading python sooner or later.
If you want you may take a look at CAS4PAS plugin. It is simple, but it is good to know how CAS and PAS works to understand this. I will do so. This seems a good place to start
-- Maciej Wisniowski