[Zope] Cookie Crumbler - read Password from login_form
Chris Withers
chrisw at nipltd.com
Mon Sep 15 10:23:43 EDT 2003
nicogrubert at arcor.de wrote:
> Hello,
>
> I am using Cookie Crumbler for Authentification in Zope.
I'm sure you mean Authentication...
> these fieldnames (e.g. __ac_name, __ac_password) are not found in the REQUEST when submitting the form "login_form" since they are stored in a cookie called "__ac".
They'll still be in the REQUEST, just not accessible due to their names...
> my question is: how can I read the password the user entered in the login_form ?
Why do you want to?
> I tried to decode the string stored in the cookie "__ac" using base64.decodestring(<string>) and got "<username>:x034x213324" where <username> is the username in cleartext the user typed in the __ac_name text field of login_form. How can I read the password in cleartext? background of this issue is that I need to pass the password in cleartext to another
> application.
In that case, probably easier to customise the user folder and have it send the
info when it's getUser method is called.
cheers,
Chris
More information about the Zope
mailing list