[Zope-CMF] Re: Understanding the login mechanism
Seb Bacon
seb at jamkit.com
Wed Oct 8 07:05:38 EDT 2003
The CookieCrumbler uses cookies to imitate HTTP Basic Authentication.
This is read by the validate method on a BasicUserFolder (see 'validate'
and 'identify' methods in AccessControl/User.py) to provide authentication.
seb
Gitte Wange wrote:
> Hello,
>
> I'm about to make a new userfolder product that allows people to login to a
> portal from other sites. But in order to even start-out such a thing, I need
> to understand exactly how the login mechanism works.
>
> I have looked at the CookieCrumbler in CMF.
> I know that a user is logged-in if the __ac cookie is set.
> And a user get's logged in if the __ac_name and __ac_password variables are
> available in the REQUEST object.
>
> But where is the user set in the SecurityManager ??
> Maybe someone can point me to a specific place in the code to look ....
>
More information about the Zope-CMF
mailing list