[BlueBream] PAU + loginpagename = FAIL
Dr. Volker Jaenisch
volker.jaenisch at inqbus.de
Wed May 19 18:23:34 EDT 2010
Hi Bluebream list!
Tried to use the PAU feature of the challenge mechanism
of the sessionbasedcredential plugin.
The main registration of PAU :
@adapter(INewMLSApplicationEvent)
def createPAU( event ):
sm = event.object.getSiteManager()
pau = PluggableAuthentication()
sm['authentication'] = pau
sm.registerUtility(pau, IAuthentication)
users = PrincipalFolder()
sm['authentication']['Users'] = users
sm.registerUtility(users, IAuthenticatorPlugin, name="Users")
pau.credentialsPlugins = ( "No Challenge if Authenticated", "Session
Credentials" )
# introduce my own login page
for name, plugin in pau.getCredentialsPlugins():
#iterate over all credential plugin tupels
if hasattr(plugin,'loginpagename'):
plugin.loginpagename = '@@login'
This code should bring the functionality that an unauthorized user will jump
to the login page (@@login).
I addressed without a former login the following URL
http://127.0.0.1:8080/test11/@@test
where test11 is my custom site-manager-instance and @@test a empty
test-view just
containing a pdb in __call__.
class testPage(BrowserPagelet):
"""test pagelet"""
def __call__(self):
import pdb; pdb.set_trace()
def update(self):
import pdb; pdb.set_trace()
I end up with
URL: http://127.0.0.1:8080/test11/%40%40test
Module paste.evalexception.middleware:*306* in |respond|
<http://127.0.0.1:8080/test11/@@test#>
|<< <http://127.0.0.1:8080/test11/@@test#> *try**:*
__traceback_supplement__ *=*
errormiddleware*.*Supplement*,* self*,* environ
app_iter *=* self*.*application*(*environ*,*
detect_start_response*)*
*try**:*
return_iter *=* list*(*app_iter*)*||>>
<http://127.0.0.1:8080/test11/@@test#>app_iter *=*
self*.*application*(*environ*,* detect_start_response*)*|
Module paste.translogger:*68* in |__call__|
<http://127.0.0.1:8080/test11/@@test#>
|<< <http://127.0.0.1:8080/test11/@@test#>
self.write_log(environ, method, req_uri, start, status, bytes)
return start_response(status, headers)
return self.application(environ, replacement_start_response)
def write_log(self, environ, method, req_uri, start, status,
bytes):||>> <http://127.0.0.1:8080/test11/@@test#>*return*
self*.*application*(*environ*,* replacement_start_response*)*|
Module zope.app.wsgi:*59* in |__call__|
<http://127.0.0.1:8080/test11/@@test#>
|<< <http://127.0.0.1:8080/test11/@@test#> handle_errors *=*
environ*.*get*(*'wsgi.handleErrors'*,* self*.*handleErrors*)*
request *=* publish*(*request*,*
handle_errors*=*handle_errors*)*
response *=* request*.*response
# Get logging info from principal for log use||>>
<http://127.0.0.1:8080/test11/@@test#>request *=* publish*(*request*,*
handle_errors*=*handle_errors*)*|
Module zope.publisher.publish:*131* in |publish|
<http://127.0.0.1:8080/test11/@@test#>
|<< <http://127.0.0.1:8080/test11/@@test#>
obj *=*
publication*.*getApplication*(*request*)*
obj *=* request*.*traverse*(*obj*)*
publication*.*afterTraversal*(*request*,* obj*)*||>>
<http://127.0.0.1:8080/test11/@@test#>obj *=* request*.*traverse*(*obj*)*|
Module zope.publisher.browser:*556* in |traverse|
<http://127.0.0.1:8080/test11/@@test#>
|<< <http://127.0.0.1:8080/test11/@@test#>
nsteps *=* *0*
ob*,* add_steps *=*
publication*.*getDefaultTraversal*(*self*,* ob*)*
*while* add_steps*:*
nsteps *+=* len*(*add_steps*)*||>>
<http://127.0.0.1:8080/test11/@@test#>ob*,* add_steps *=*
publication*.*getDefaultTraversal*(*self*,* ob*)*|
Module zope.app.publication.browser:*36* in |getDefaultTraversal|
<http://127.0.0.1:8080/test11/@@test#>
|<< <http://127.0.0.1:8080/test11/@@test#> *if*
IBrowserPublisher*.*providedBy*(*ob*)**:*
# ob is already proxied, so the result of calling a
method will be
*return* ob*.*browserDefault*(*request*)*
*else**:*
adapter *=* queryMultiAdapter*(**(*ob*,* request*)**,*
IBrowserPublisher*)*||>> <http://127.0.0.1:8080/test11/@@test#>*return*
ob*.*browserDefault*(*request*)*|
*Unauthorized: (<z3c.pagelet.zcml.testPage object at 0x9e4838c>,
'browserDefault', 'zope.ManageContent')
*This trace is correct in so far that the view has the following
permission settings:
<!-- test form -->
<z3c:pagelet
for="*"
name="test"
class=".test.testPage"
permission="zope.ManageContent"
layer="propertyshelf.mls.skin.interfaces.IDefaultLayer"
/>
*
*
1) The plugin "Session Credentials" is registered and works.
I know this because the "extractCredentials"-Routine of the plugin is
called and
it is my instance of this plugin because it has its loginpagename set to
"@@login" which is not the default value.
2) But the "challenge"-routine of the plugin which should bring up the
login page is never called.
3) I traced that back into PAU itself. The "unauthorized"-routine in
zope.pluggableauth-1.0.1-py2.6.egg/zope/pluggableauth/authentication.py
which will in turn call the plugins challenge-routine is also not called.
4) But the routine "unauthenticatedPrincipal" is called which is not
implemented.
5) I had the slight suspicion that this has something to do with the
exception/event-handling.
So I tried to run the bluebream instance not in debug-mode (which
catches some ecxeptions) but in
deploy-mode utilizing
./bin/paster serve deploy.ini
But this ends in the following stacktrace
2010-05-20T00:08:57 ERROR SiteError Error while reporting an error to
the Error Reporting utility
Traceback (most recent call last):
File
"/home/volker/workspace/vbb/propertyshelf.mls/eggs/zope.app.publication-3.10.2-py2.6.egg/zope/app/publication/zopepublication.py",
line 263, in _logErrorWithErrorReportingUtility
errUtility = zope.component.getUtility(IErrorReportingUtility)
File
"/home/volker/workspace/vbb/propertyshelf.mls/eggs/zope.component-3.9.3-py2.6.egg/zope/component/_api.py",
line 171, in getUtility
raise ComponentLookupError(interface, name)
ComponentLookupError: (<InterfaceClass
zope.error.interfaces.IErrorReportingUtility>, '')
<zope.publisher.interfaces.EndRequestEvent object at 0x94185ac>
Any help or idea appreciated
Volker
--
====================================================
inqbus it-consulting +49 ( 341 ) 5643800
Dr. Volker Jaenisch http://www.inqbus.de
Herloßsohnstr. 12 0 4 1 5 5 Leipzig
N O T - F Ä L L E +49 ( 170 ) 3113748
====================================================
More information about the bluebream
mailing list