[Zope] XUF and authentication problem

Adam Manock abmanock@earthlink.net
Tue, 21 May 2002 13:57:12 -0400


If you're storing plain text passwords in postgres you'll need to alter the 
cryptPassword function.

Changing this:

         def cryptPassword(self, username, password):
                         salt =username[:2]
                         secret = crypt(password, salt)
                         return secret

to this:

         def cryptPassword(self, username, password):
                         salt =username[:2]
#                       secret = crypt(password, salt)
                         secret = password
                         return secret

in pgAuthSource.py should get things working ;-)



Adam

At 10:56 AM 5/21/2002 -0700, L. Pelletier wrote:
>I am a zope security newbie. I want to limit access to several folders in 
>my website using a postgres table and the extensible User Folder (XUF) 
>product. I've successfully installed XUF. What should the security tab 
>look like on the folders I want to limit access to? I've turned off 
>acquire View permissions and checked View for the Authenticated column. 
>This causes the loginForm of XUF to appear, but typing in a valid username 
>and password doesn't seemt to log me in.
>
>Is this problem related to my security tab or does it have something to do 
>with the non-encrypted storage of the passwords in my postgres table (I 
>was using UserDB and a much older version of zope before).
>
>Any help would be greatly appreciated.
>
>Thanks in advance,
>Liz