[Zope-dev] ZPublisher.Client and encrypted passwords

Danny W. Adair danny@adair.net
Wed, 26 Mar 2003 09:38:02 +1200


Hi,

I need to make an authenticated call from one Zope server to another.

Although the two servers share most of their object trees (including the 
main user folder) through a common ZEO ClientStorage, I have to call the 
script on a _specific_ machine, since it will make changes to the local 
file system.

So basically, I want to do something similar to calling
http://currentUID:currentPWD@other_host/makeLocalChanges

Now my problem (I'm using ZPublisher.Client):
I have to make that call with the current (!) user's name and password 
(which are stored on both machines thanks to the ClientStorage) but the 
passwords in my user folder are encrypted - which I had thought was a (TM) 
good thing. :-)

So calling _getPassword() on the user object gives me something that starts 
with "{SHA}", which ZPublisher.Client.call() won't eat - it expects a plain 
password and then does the usual base64.

How can I accomplish this?

I figure I either need to

- find a way to get the unencrypted password. I consider this the less 
elegant (and less secure) approach: I don't want to _know_ the current 
user's password, I just want to _use_ it... :-)

- use a different approach to call the other server (like passing a copy of 
the current Auth header or something...)

I'm not sure how to do either...

Thank you very much for your help,
Danny
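
The mismatch described in the message above, as an added example that is not part of the original post and is not Zope's own code. It assumes a "{SHA}" entry is the prefix followed by the base64 of the password's SHA-1 digest, and models the receiving server with a hypothetical server_accepts() function; the user name, password and user database are constructed sample values.

```python
import base64
import hashlib
import hmac

def sha_encode(password):
    """Model of a '{SHA}' entry: prefix + base64 of the SHA-1 digest (assumed layout)."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return "{SHA}" + base64.b64encode(digest).decode("ascii")

def basic_header(user, password):
    """Authorization value an HTTP client builds from a plain name and password."""
    token = base64.b64encode(f"{user}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")

def server_accepts(header, user_db):
    """Hypothetical receiving side: decode the header, hash what was supplied, compare."""
    scheme, _, token = header.partition(" ")
    if scheme != "Basic":
        return False
    try:
        decoded = base64.b64decode(token, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return False
    user, sep, supplied = decoded.partition(":")
    stored = user_db.get(user)
    if not sep or stored is None:
        return False
    # The server never sees the stored digest on the wire; it re-hashes the input.
    return hmac.compare_digest(sha_encode(supplied), stored)

# Constructed sample data: the user folder both servers share, and the header
# that arrived with the current request on the first server.
USER_DB = {"danny": sha_encode("s3cret-constructed")}
INCOMING = basic_header("danny", "s3cret-constructed")

def demo():
    stored = USER_DB["danny"]
    return {
        # Option 1 gone wrong: the '{SHA}...' string sent as if it were the password.
        "stored_as_password": server_accepts(basic_header("danny", stored), USER_DB),
        # Option 2: the incoming Authorization value passed on unchanged.
        "forwarded_header": server_accepts(INCOMING, USER_DB),
    }

if __name__ == "__main__":
    print(demo())
```

A forwarded Basic header still carries the password in reversible base64, so the hop between the two servers needs the same transport protection as the original request.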