[Zope] Cookie Crumbler - read Password from login_form
nicogrubert at arcor.de
nicogrubert at arcor.de
Mon Sep 15 03:47:33 EDT 2003
Hello,
I am using Cookie Crumbler for Authentification in Zope.
The standard login_form template provides an input text field for username and password whose fieldnames must correspond to the fieldnames set in the cookie crumbler object.
these fieldnames (e.g. __ac_name, __ac_password) are not found in the REQUEST when submitting the form "login_form" since they are stored in a cookie called "__ac".
my question is: how can I read the password the user entered in the login_form ?
Assume, my login_form contains in <form action="myExternalMethod"> instead of "<form action="logged_in"> to call an external method that reads the password from login_form. How can I do that?
I tried to decode the string stored in the cookie "__ac" using base64.decodestring(<string>) and got "<username>:x034x213324" where <username> is the username in cleartext the user typed in the __ac_name text field of login_form. How can I read the password in cleartext? background of this issue is that I need to pass the password in cleartext to another
application.
thank you in advance
-nico
More information about the Zope
mailing list