[Checkins] SVN: Products.PluggableAuthService/branches/shh-15-masquerading/Products/PluggableAuthService/ User masquerading. Adapted from a patch against PAS 1.0.4.
Wichert Akkerman
wichert at wiggy.net
Fri Feb 27 16:45:47 EST 2009
Hi Stefan,
Previously Stefan H. Holek wrote:
> Log message for revision 97359:
> User masquerading. Adapted from a patch against PAS 1.0.4.
>
> Logging in as AUTHUSER/ROLEUSER (e.g. 'admin/jdoe') authenticates
> against AUTHUSER but returns ROLEUSER. As a security precaution,
> AUTHUSER must have the Manager role. Note: AUTHUSER and ROLEUSER
> must live in the same user folder.
What happens if someone as a / in his login name? How do you plan to
deal with differing login and usernames?
Is there a reason this is not doable with plugins?
Wichert.
--
Wichert Akkerman <wichert at wiggy.net> It is simple to make things.
http://www.wiggy.net/ It is hard to make things simple.
More information about the Checkins
mailing list