[Zope-PAS] SVN: Products.PluggableAuthService/branches/shh-15-masquerading/Products/PluggableAuthService/ User masquerading. Adapted from a patch against PAS 1.0.4.
Tres Seaver
tseaver at palladion.com
Mon Mar 2 12:12:01 EST 2009
Wichert Akkerman wrote:
> Hi Stefan,
>
> Previously Stefan H. Holek wrote:
>> Log message for revision 97359:
>> User masquerading. Adapted from a patch against PAS 1.0.4.
>>
>> Logging in as AUTHUSER/ROLEUSER (e.g. 'admin/jdoe') authenticates
>> against AUTHUSER but returns ROLEUSER. As a security precaution,
>> AUTHUSER must have the Manager role. Note: AUTHUSER and ROLEUSER
>> must live in the same user folder.
>
> What happens if someone has a / in his login name? How do you plan to
> deal with differing login and usernames?
>
> Is there a reason this is not doable with plugins?

I agree: this is *exactly* the sort of thing which should be in a
plugin. In particular, such a plugin should be configured to select
which other IAuthentication plugins it would search, which would remove
the requirement to splice the code directly into the PAS framework code.

Tres.
--
===================================================================
Tres Seaver +1 540-429-0999 tseaver at palladion.com
Palladion Software "Excellence by Design" http://palladion.com
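
An added sketch (not part of the thread and not PAS code) of the AUTHUSER/ROLEUSER rule from the log message, handling the case raised in the reply where a login name itself contains a "/". `resolve_login`, `USERS` and `LoginRejected` are hypothetical names, and the user store is constructed sample data standing in for a single user folder.

```python
import hmac


class LoginRejected(Exception):
    """Raised when authentication or masquerading is refused."""


# Constructed sample user folder (toy store; a real one holds password hashes).
USERS = {
    "admin": {"password": "s3cret", "roles": {"Manager"}},
    "editor": {"password": "pw-editor", "roles": {"Editor"}},
    "jdoe": {"password": "pw-jdoe", "roles": {"Member"}},
    "ops/backup": {"password": "pw-backup", "roles": {"Member"}},
}


def _password_ok(users, login, password):
    stored = users[login]["password"].encode()
    return hmac.compare_digest(stored, password.encode())


def resolve_login(login, password, users=USERS):
    """Return (effective_user, authenticating_user); they differ only when masquerading."""
    # A literal login name always wins, so an account whose name contains "/"
    # is never reinterpreted as a masquerade request.
    if login in users:
        if _password_ok(users, login, password):
            return login, login
        raise LoginRejected("bad credentials")
    # Either name may itself contain "/", so try every split position and
    # accept only when exactly one split names two existing users.
    parts = login.split("/")
    splits = [("/".join(parts[:i]), "/".join(parts[i:])) for i in range(1, len(parts))]
    matches = [(a, r) for a, r in splits if a in users and r in users]
    if len(matches) != 1:
        raise LoginRejected("unknown or ambiguous login")
    auth_user, role_user = matches[0]
    if not _password_ok(users, auth_user, password):
        raise LoginRejected("bad credentials")
    # The precaution from the log message: only a Manager may masquerade.
    if "Manager" not in users[auth_user]["roles"]:
        raise LoginRejected("masquerading requires the Manager role")
    return role_user, auth_user
```

Returning both identities lets the caller record who actually authenticated alongside the user whose roles are in effect.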