[Zope] ZEO client authentication

Mika, David P (Research) mika at crd.ge.com
Tue Oct 4 17:05:09 EDT 2005


Thanks!  Works great.

I found that you can generate the encrypted password with Lib/python/ZEO/zeopasswd.py

I wish there was a better solution than having the cleartext password in the zope.conf file
Dave

-----Original Message-----
From: zope-bounces+mika=crd.ge.com at zope.org
[mailto:zope-bounces+mika=crd.ge.com at zope.org]On Behalf Of Sascha
Ottolski
Sent: Monday, October 03, 2005 11:40 AM
To: zope at zope.org
Subject: Re: [Zope] ZEO client authentication


Am Montag, 3. Oktober 2005 14:44 schrieb Mika, David P (Research):
> I see that ZEO supports a simple digest authenitcation of clients and that
> this is set in the zeo's config file with the keys:
> authentication-protocol, authentication-database and authentication-realm.
>
> Further, I can see that a client can connect using e.g. ZEO.ClientStorage
> with arguments for a userid & password (set in the ZEO authentication
> database).  However, how does one configure Zope (as a client to the ZEO
> server) to use this authentication?  I see nothing in the Zope config file.
>  Somehow Zope must be able to pass a valid userid and password in the
> authentication database to ZEO.
>
> Dave

Hi Dave,

this might help, although it's not written by me so I'm not 100% sure that 
I've picked up everything:

small patch to lib/python/ZODB:

--- config.py    (revision 37730)
+++ config.py    (working copy)
@@ -150,7 +150,10 @@
             max_disconnect_poll=self.config.max_disconnect_poll,
             wait=self.config.wait,
             read_only=self.config.read_only,
-            read_only_fallback=self.config.read_only_fallback)
+            read_only_fallback=self.config.read_only_fallback,
+            username=self.config.username,
+            password=self.config.password,
+            realm=self.config.realm)

 class BDBStorage(BaseConfig):

Index: component.xml
===================================================================
--- component.xml        (revision 37730)
+++ component.xml        (working copy)
@@ -132,6 +132,16 @@
         read_only_fallback should be true.
       </description>
     </key>
+    <key name="username" required="no">
+      <description>
+        The authentication username of the server.
+      </description>
+    </key>
+    <key name="password" required="no">
+      <description>
+        The authentication password of the server.
+      </description>
+    </key>
     <key name="realm" required="no">
       <description>
         The authentication realm of the server.  Some authentication


something like this in your zeo.conf <zeo> section:

	<zeo>
	  ...
	  authentication-protocol digest
	  authentication-database $INSTANCE/etc/auth.db
	  authentication-realm your_realm
	  ...
	</zeo>

obviously, a username/password in $INSTANCE/etc/auth.db (ZEO instance, that 
is):

	$ cat /mnt/zope/ZEOHome/etc/auth.db
	realm your_realm
	your_username: your_crypted_password

and something like this in your zope.conf:

	<zodb_db main>
	  mount-point /
	  cache-size 10000
	  <zeoclient>
	    server localhost:1234
	    username your_username
	    password your_cleartext_password
	    ...
	    ...
	  </zeoclient>
	</zodb_db main>

now, I'm not sure how to create the encrypted password, I guess zpasswd.py 
will help.


Good luck,

Sascha

-- 
Gallileus - the power of knowledge

Gallileus GmbH                   http://www.gallileus.info/

Pintschstraße 16                  fon +49-(0)30-41 93 43 43
10249 Berlin                      fax +49-(0)30-41 93 43 45
Germany
_______________________________________________
Zope maillist  -  Zope at zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )


More information about the Zope mailing list