I'm having a problem figuring out how to keep things secure while allowing a proxied script to call a page template correctly. /details/sendDetails Python script that is publicly available, receives an email address and sends that person thier details stored in the database. The script has proxy rights of "Administrator". /admin/person/emaildetails.htm Page template that is secured (admin folder is Administrator only for "view" and "access contents information"). The anonymous user is prompted for authentication. If I change emaildetails.htm to a simple "test" text file it works, the problem seems to lie when the template tries to access any script from the context. I tried to give those scripts proxy rights too but that had no effect. Am I going about this the wrong way, is there something I missed, or am I just going to have to revert to rewriting the whole details.htm as DTML?
Chris Beaven wrote at 2005-9-27 16:54 +1200:
I'm having a problem figuring out how to keep things secure while allowing a proxied script to call a page template correctly.
/details/sendDetails Python script that is publicly available, receives an email address and sends that person thier details stored in the database. The script has proxy rights of "Administrator".
/admin/person/emaildetails.htm Page template that is secured (admin folder is Administrator only for "view" and "access contents information").
The anonymous user is prompted for authentication.
It calls "sendDetails"? ... which in turn calls "emaildetails.htm"?
If I change emaildetails.htm to a simple "test" text file it works, the problem seems to lie when the template tries to access any script from the context.
In principle, it should have no problems to access scripts. *HOWEVER* note that proxy roles are not passed to called objects. Thus, "emaildetails.htm" does not run with proxy roles. If it accesses objects from "admin folder", then you will get an "Unauthorized". A possible solution could be: let "sendDetail" access and process all protected information and pass the results only (hopefully elementary and therefor unrestricted) to the page template for formatting. Let "sendDetail" then send the formatted message itself. -- Dieter
Dieter Maurer wrote:
*HOWEVER* note that proxy roles are not passed to called objects. Thus, "emaildetails.htm" does not run with proxy roles. If it accesses objects from "admin folder", then you will get an "Unauthorized".
A possible solution could be: let "sendDetail" access and process all protected information and pass the results only (hopefully elementary and therefor unrestricted) to the page template for formatting. Let "sendDetail" then send the formatted message itself.
Thank You Dieter, The problem I was having is that I didn't realise that proxy roles are not passed to called objects. Like you suggested, I called all protected objects from the proxyed script and passed the return values through to the page template. All working wonderfully now.
participants (3)
-
Andreas Jung -
Chris Beaven -
Dieter Maurer