[Zope-PAS] Re: Domainauth
Janko Hauser
jhauser at zscout.de
Thu Jun 22 10:48:23 EDT 2006
Am 22.06.2006 um 15:39 schrieb Tres Seaver:
> The sequence which creates a user object is defined in the
> PAS.validate
> method:
...
Very good documentation snipped
I followed this path and found the culprit.
The cookie_auth_helper extends the credentials with the remote_addr
only if it found something before.
else:
# Look in the request for the names coming from the
login form
login = request.get('__ac_name', '')
password = request.get('__ac_password', '')
if login:
creds['login'] = login
creds['password'] = password
if creds or 1: # or 1 added by jhauser
creds['remote_host'] = request.get('REMOTE_HOST', '')
try:
creds['remote_address'] = request.getClientAddr()
except AttributeError:
creds['remote_address'] = request.get('REMOTE_ADDR',
'')
return creds
So actually the question is, if the test for credentials is needed at
all at this place.
I will further look into this, but thanks to Tres and ZAC to lead me
to this place.
With regards,
__Janko
--
Janko Hauser email: jhauser at zscout.de
mobile: +49 1721 641552
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 155 bytes
Desc: Signierter Teil der Nachricht
Url : http://mail.zope.org/pipermail/zope-pas/attachments/20060622/a9d53305/PGP-0001.bin
More information about the Zope-PAS
mailing list