Use of GRUF with exUserFolder/PostgreSQL broken?
Dear GRUF and exUserFolder developers, and others familiar with both APIs: I'm trying to use both of your products together, as in: acl_users [ GRUF Folder ] | \- Users | | | \- acl_users [ exUserFolder/PostgreSQL ] | \- Groups | \- acl_users [ normal Zope UserFolder ] I've used exUserFolder before without problems, and have tested GRUF with normal Zope UserFolders without problem. I'm able to setup the configuration above and can add users using the exUserFolder acl_users interface. The problem is: When a user tries to log in, this calls the GRUF authenticate method, which is: def authenticate(self, password, request): return self.__underlying__.authenticate(password, request) This calls the actual acl_users folder authenticate method. For a standard Zope UserFolder, this is: def authenticate(self, password, request): [ ... ] so it works fine. However, when called with an exUserFolder as the UserFolder, there is no authenticate method on the user folder for PostgreSQL authentication. Rather, there is an authenticate method only on the User object itself. The signature for this is: def authenticate(self, listOneUser, password, request, remoteAuth=None): There are "std_validate" and "cookie_validate" methods of exUserFolder.exUserFolder, but these validate, rather than just authenticate a user. So, when GRUF tries to authenticate a user using the standard Zopish API, it misses the user folder (which has no matching API method), and hits the xUF.User object, which has a different method. I could modify the GRUF source to hardcode my listOneUser object, and pass that along with the call (though I haven't tested this yet). However, I'm not sure that's The Right Thing To Do, and that would have me lose all of the caching that xUF can provide, since it would do a DB call every time. I'd love to use your products together. Can either of you provide any help on this? If this is something not in your anticipated development improvements for the product, it's possible that we'd consider sponsoring some time to get these two products working together. Thanks! - j. -- Joel BURTON | joel@joelburton.com | joelburton.com | aim: wjoelburton Independent Knowledge Management Consultant
+-------[ Joel Burton ]---------------------- | However, when called with an exUserFolder as the UserFolder, there is no | authenticate method on the user folder for PostgreSQL authentication. | Rather, there is an authenticate method only on the User object itself. | The signature for this is: | | def authenticate(self, listOneUser, password, request, remoteAuth=None): XUF subclasses BasicUserFolder which contains the authenticate method. XUF from CVS explicitly overrides this method. My advice is to try XUF from CVS. -- Totally Holistic Enterprises Internet| | Andrew Milton The Internet (Aust) Pty Ltd | M:+61 416 022 411 | ACN: 082 081 472 ABN: 83 082 081 472 |akm@theinternet.com.au| Carpe Daemon
On Thu, Mar 13, 2003 at 01:15:31PM +0000, Chris Withers wrote:
Joel Burton wrote:
Dear GRUF and exUserFolder developers, and others familiar with both
Haven't heard of GRUF before. What is it? Where can I find out more?
GRUF == GroupUserFolder, an implementation of groups for Zope. Unlike NuxUserGroups, which patches various parts of Zope to get its group-enabling magic working, GRUF uses a clever acl_folder replacement to do its thing. It's a smart idea. You can find details at http://www.zope.org/Members/ingeniweb/GroupUserFolder It advertises itself as compatible w/any user-folder replacement, since it strives to look like a normal user folder. Unfortunately, the perfect-compatibility isn't exactly on-target; hence, my message. BTW, for others chasing the same problem: Andrew, the author of exUserFolder, suggested that I install the CVS version of exUserFolder and use this, as it provides the correct method on the user folder, rather than just the user object. This is true, but the signature for the method is different, and therefore still requires a small patch in GRUF: line 233 (body of authenticate()) of GRUFUser.py should be changed to: return self.aq_parent.Users.acl_users.authenticate( self.getId(), password, request ) Fixing two problems: the acquisition path at the start gets us to the exUserFolder folder, and it adds self.getId(), as exUF requires the username to be passed to its authenticate method (unlike Zope BasicUserFolder). == The CVS version of exUserFolder contains support for using NuxUserGroups built-in, so that *might* be a better choice for others. I'd prefer to see more documentation & stories about the success/performance of NUG, given that it monkeypatches Zope internals. Plus, I'd hate to see that my next UserFolder choice (LDAP? who knows?) wouldn't work with it. == (... and not to be the zillionth person to say this, but why, oh, why, hasn't someone added groups concept to the zope core? ;) )
cheers,
Chris
You too, Chris. Hope things are going well. -- Joel BURTON | joel@joelburton.com | joelburton.com | aim: wjoelburton Independent Knowledge Management Consultant
participants (3)
-
Andrew Kenneth Milton -
Chris Withers -
Joel Burton