[Zope-PAS] Challengers (and Zope 3)

Lennart Regebro regebro at nuxeo.com
Fri Oct 1 04:15:23 EDT 2004


Jim Fulton wrote:
> Jim Fulton wrote:
> 
>>
> ...
> 
>> Let me see if I can state this correctly and clearly. For
>> lack of a better term, I'll say that there can be multiple
>> protocols for making challenges.  Examples of protocols include
>> HTTP Authentication and Cookie-based authentication.  There
>> are undoubtably other protocols, although I don't know of
>> any off hand. ;)  Generally, protocols are not compatible with
>> each other. (This is hard to say for sure, but for the protocols
>> we have, this is the case. :).  Therefore, we don't want to issue
>> challenges for multiple protocols.
> 
> 
> OK, this idea seems to have some potential.  I suggest the following
> algoritm then:
> 
>   # PAS challenge algorithm:
>   protocol = None
>   for chalenger in challengers:
>       protocol = challenger.challenge(request, response, protocol)
> 
>   if protocol is None:
>       # no challengers fired
>       ... do fallback thing
> 
> Challenge methods, then, should be written along the lines of:
> 
>   def challenge(self, request, response, protocol):
>       if protocol is None:
>           ... do stuff (e.g. set response status for http)
>           return self.protocol
>       elif protocol == self.protocol
>            ... do other stuff, often a subset of stuff
>            ... done when protocol is None (e.g. for http, don't set
>            ... 401 status)
>       # we do nothing if protocol doesn't match
>       return protocol
> 
> How does this sound?

I don't see the purpose of this. I can't see it add any additional 
functionality, to be honest.



More information about the Zope-PAS mailing list