RE: [Zope] CookieCrumbler Authentication
I created the cookie crumbler instance and indeed the login form says that I've successfully logged in, however it's not exactly what I want here. I need to use my own login page, not CC's default login page. Mine is actually the index_html with a form element in it. Where do I point that form so that it calls to CC's authentication properly? What do I call the username and password text box form elements on my page? How do I make it go to the members folder upon successfully authing? How do I set it up so that I can do various error responses in my index_html page with the form on it (i.e. people who fail to auth need to be taken back to that page and see a message above the login form telling them that it failed to auth them)? kittonian -----Original Message----- From: Alexis Roda [mailto:arv@si.urv.es] Sent: Wednesday, January 07, 2004 4:29 AM To: kittonian@macgenius.net Subject: Re: [Zope] CookieCrumbler Authentication kittonian wrote:
Ok. I've got SimpleUserFolder all setup and working properly (even authing users against a pgsql db which is cool). Since SUF only supports basic HTTP authentication and I need to have a login form and use cookies to properly authenticate users it was suggested that I use cookie crumbler. I've got that installed and I sort of see how it all works but I'm not sure how to proceed at the moment.
All you need is to add a CookieCrumble at the same level as the acl_users. When you add the CC check the "create default forms" option so CC will create some default forms (login page, logout page and failed authorization page) and customize the forms to suit your needs. When you try to access the protected area you'll get the CC's login page. Your main index_html may be just: <dtml-call expr="REQUEST.RESPONSE.redirect('url_to_protected_area')"> HTH -- //// (@ @) ---------------------------oOO----(_)----OOo------------------------ Los pecados de los tres mundos desapareceran conmigo. Alexis Roda - Universitat Rovira i Virgili - Reus, Tarragona (Spain) --------------------------------------------------------------------
kittonian wrote at 2004-1-7 12:55 -0500:
I created the cookie crumbler instance and indeed the login form says that I've successfully logged in, however it's not exactly what I want here. I need to use my own login page, not CC's default login page.
You can customize CC instances via the ZMI. The field "Login page ID" is relevant for your current needs. -- Dieter
On Wed, 7 Jan 2004 12:55:40 -0500 "kittonian" <kittonian@macgenius.net> wrote:
I created the cookie crumbler instance and indeed the login form says that I've successfully logged in, however it's not exactly what I want here. I need to use my own login page, not CC's default login page. Mine is actually the index_html with a form element in it. Where do I point that form so that it calls to CC's authentication properly?
You don't need to point it anywhere in particular. It can just go to the same page (i.e., <form action=".">). What matters is the names of the username and password input elements. They need to match the names configures in CookieCrumbler (__ac_name and __ac_password are the defaults). It will sniff for them on the next request and log the user in if they match a user (and you are not logged in through basic auth).
What do I call the username and password text box form elements on my page? How do I make it go to the members folder upon successfully authing? How do I set it up so that I can do various error responses in my index_html page with the form on it (i.e. people who fail to auth need to be taken back to that page and see a message above the login form telling them that it failed to auth them)?
This is also configure in CC (defaults to login_form). Normally this would be a separate login only form where users are redirected on unauthorized. CC will handle redirecting the user back to the URL they came from. You can make this go to your home page if you like, but that will probably confuse users of the site. hth, -Casey
participants (3)
-
Casey Duncan -
Dieter Maurer -
kittonian