[BlueBream] PAU + loginpagename = FAIL

Dr. Volker Jaenisch volker.jaenisch at inqbus.de
Wed May 19 18:23:34 EDT 2010


Hi Bluebream list!

Tried to use the PAU feature of the challenge mechanism
of the sessionbasedcredential plugin.

The main registration of PAU :

@adapter(INewMLSApplicationEvent)
def createPAU( event ):
    sm = event.object.getSiteManager()
    pau = PluggableAuthentication()
    sm['authentication'] = pau
    sm.registerUtility(pau, IAuthentication)
    users = PrincipalFolder()
    sm['authentication']['Users'] = users
    sm.registerUtility(users, IAuthenticatorPlugin, name="Users")
    pau.credentialsPlugins = ( "No Challenge if Authenticated", "Session 
Credentials" )

    # introduce my own login page
    for name, plugin in pau.getCredentialsPlugins():
        #iterate over all credential plugin tupels
        if hasattr(plugin,'loginpagename'):
            plugin.loginpagename = '@@login'

This code should bring the functionality that an unauthorized user will jump
to the login page (@@login).

I addressed without a former login the following URL

http://127.0.0.1:8080/test11/@@test

where test11 is my custom site-manager-instance and @@test a empty 
test-view just
containing a pdb in __call__.

class testPage(BrowserPagelet):
    """test pagelet"""

    def __call__(self):
        import pdb; pdb.set_trace()

    def update(self):
        import pdb; pdb.set_trace()

I end up with
URL: http://127.0.0.1:8080/test11/%40%40test
Module paste.evalexception.middleware:*306* in |respond|         
<http://127.0.0.1:8080/test11/@@test#>
|<<  <http://127.0.0.1:8080/test11/@@test#>        *try**:*
                __traceback_supplement__ *=* 
errormiddleware*.*Supplement*,* self*,* environ
                app_iter *=* self*.*application*(*environ*,* 
detect_start_response*)*
                *try**:*
                    return_iter *=* list*(*app_iter*)*||>>  
<http://127.0.0.1:8080/test11/@@test#>app_iter *=* 
self*.*application*(*environ*,* detect_start_response*)*|
Module paste.translogger:*68* in |__call__|         
<http://127.0.0.1:8080/test11/@@test#>
|<<  <http://127.0.0.1:8080/test11/@@test#>            
self.write_log(environ, method, req_uri, start, status, bytes)
                return start_response(status, headers)
            return self.application(environ, replacement_start_response)
   
        def write_log(self, environ, method, req_uri, start, status, 
bytes):||>>  <http://127.0.0.1:8080/test11/@@test#>*return* 
self*.*application*(*environ*,* replacement_start_response*)*|
Module zope.app.wsgi:*59* in |__call__|         
<http://127.0.0.1:8080/test11/@@test#>
|<<  <http://127.0.0.1:8080/test11/@@test#>        handle_errors *=* 
environ*.*get*(*'wsgi.handleErrors'*,* self*.*handleErrors*)*
   
            request *=* publish*(*request*,* 
handle_errors*=*handle_errors*)*
            response *=* request*.*response
            # Get logging info from principal for log use||>>  
<http://127.0.0.1:8080/test11/@@test#>request *=* publish*(*request*,* 
handle_errors*=*handle_errors*)*|
Module zope.publisher.publish:*131* in |publish|         
<http://127.0.0.1:8080/test11/@@test#>
|<<  <http://127.0.0.1:8080/test11/@@test#>
                                obj *=* 
publication*.*getApplication*(*request*)*
                                obj *=* request*.*traverse*(*obj*)*
                                
publication*.*afterTraversal*(*request*,* obj*)*||>>  
<http://127.0.0.1:8080/test11/@@test#>obj *=* request*.*traverse*(*obj*)*|
Module zope.publisher.browser:*556* in |traverse|         
<http://127.0.0.1:8080/test11/@@test#>
|<<  <http://127.0.0.1:8080/test11/@@test#>
                nsteps *=* *0*
                ob*,* add_steps *=* 
publication*.*getDefaultTraversal*(*self*,* ob*)*
                *while* add_steps*:*
                    nsteps *+=* len*(*add_steps*)*||>>  
<http://127.0.0.1:8080/test11/@@test#>ob*,* add_steps *=* 
publication*.*getDefaultTraversal*(*self*,* ob*)*|
Module zope.app.publication.browser:*36* in |getDefaultTraversal|       
  <http://127.0.0.1:8080/test11/@@test#>
|<<  <http://127.0.0.1:8080/test11/@@test#>        *if* 
IBrowserPublisher*.*providedBy*(*ob*)**:*
                # ob is already proxied, so the result of calling a 
method will be
                *return* ob*.*browserDefault*(*request*)*
            *else**:*
                adapter *=* queryMultiAdapter*(**(*ob*,* request*)**,* 
IBrowserPublisher*)*||>>  <http://127.0.0.1:8080/test11/@@test#>*return* 
ob*.*browserDefault*(*request*)*|
*Unauthorized: (<z3c.pagelet.zcml.testPage object at 0x9e4838c>, 
'browserDefault', 'zope.ManageContent')

*This trace is correct in so far that the view has the following 
permission settings:
  <!-- test form -->

  <z3c:pagelet
      for="*"
      name="test"
      class=".test.testPage"
      permission="zope.ManageContent"
      layer="propertyshelf.mls.skin.interfaces.IDefaultLayer"
      />
*
*
1) The plugin "Session Credentials" is registered and works.
I know this because the "extractCredentials"-Routine of the plugin is 
called and
it is my instance of this plugin because it has its loginpagename set to 
"@@login" which is not the default value.

2) But the "challenge"-routine of the plugin which should bring up the 
login page is never called.

3) I traced that back into PAU itself. The "unauthorized"-routine in
zope.pluggableauth-1.0.1-py2.6.egg/zope/pluggableauth/authentication.py
which will in turn call the plugins challenge-routine is also not called.

4) But the routine "unauthenticatedPrincipal" is called which is not 
implemented.

5) I had the slight suspicion that this has something to do with the 
exception/event-handling.
So I tried to run the bluebream instance not in debug-mode (which 
catches some ecxeptions) but in
deploy-mode utilizing
./bin/paster serve deploy.ini

But this ends in the following stacktrace

2010-05-20T00:08:57 ERROR SiteError Error while reporting an error to 
the Error Reporting utility
Traceback (most recent call last):
  File 
"/home/volker/workspace/vbb/propertyshelf.mls/eggs/zope.app.publication-3.10.2-py2.6.egg/zope/app/publication/zopepublication.py", 
line 263, in _logErrorWithErrorReportingUtility
    errUtility = zope.component.getUtility(IErrorReportingUtility)
  File 
"/home/volker/workspace/vbb/propertyshelf.mls/eggs/zope.component-3.9.3-py2.6.egg/zope/component/_api.py", 
line 171, in getUtility
    raise ComponentLookupError(interface, name)
ComponentLookupError: (<InterfaceClass 
zope.error.interfaces.IErrorReportingUtility>, '')
<zope.publisher.interfaces.EndRequestEvent object at 0x94185ac>

Any help or idea appreciated

Volker

-- 
====================================================
   inqbus it-consulting      +49 ( 341 )  5643800
   Dr.  Volker Jaenisch      http://www.inqbus.de
   Herloßsohnstr.    12      0 4 1 5 5    Leipzig
   N  O  T -  F Ä L L E      +49 ( 170 )  3113748
====================================================



More information about the bluebream mailing list