[Zope-dev] z3c.password and xmlrpc

Niklas Andersson ask.nil at gmail.com
Mon Dec 27 07:00:33 EST 2010


Hello,

Apologies if I send this to the wrong list. Please advise a better
list if this is the case.

I have a problem with making z3c.password register failed attempts
with an InternalPrincipal and PrincipalFolder within a PAU.
I have set up the PAU like this

pau.credentialsPlugins = ( "No Challenge if Authenticated", "Session
Credentials", "Zope Realm Basic-Auth" )

This works fine for users logging in through a browser. The
InternalPrincipals registers failedAttempts as expected. The PAU also
authenticates XMLRPC requests correctly and worked fine until I tried
to integrate z3c.password features.

However, it does not seem to persist changes to failedAttempts through XMLRPC..

Through simple testing (with an XMLRPC-client running outside of the
test framework) I see that the z3c.password principal mix-in is
executing the self.failedAttempts += 1  just as when authenticating a
normal logging in through a browser, but the change does not stick?

Am I trying to do something there is not support for, or have I set
something up in a wrong way?

I am pretty knew to the internals and mechanisms of the publisher and
how XMLRPC requests differ from normal HTTP ones..

Any ideas?

/Niklas


More information about the Zope-Dev mailing list