[Zope3-checkins] SVN: Zope3/branches/jim-rename-pau/ Updated code
to reflect renaming.
Jim Fulton
jim at zope.com
Mon Jan 24 14:56:55 EST 2005
Log message for revision 28947:
Updated code to reflect renaming.
Changed:
A Zope3/branches/jim-rename-pau/package-includes/authentication-configure.zcml
D Zope3/branches/jim-rename-pau/package-includes/pau-configure.zcml
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/README.txt
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/__init__.py
A Zope3/branches/jim-rename-pau/src/zope/app/authentication/authentication.py
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/authenticationplugins.zcml
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/__init__.py
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/configure.zcml
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/group_searching_with_empty_string.txt
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/groupfolder.txt
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/principalfolder.txt
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/schemasearch.py
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/schemasearch.txt
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/browserplugins.py
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/configure.zcml
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.py
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.txt
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.zcml
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/idpicker.txt
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/interfaces.py
D Zope3/branches/jim-rename-pau/src/zope/app/authentication/pau.py
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalfolder.py
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalfolder.txt
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalplugins.py
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalplugins.zcml
U Zope3/branches/jim-rename-pau/src/zope/app/authentication/tests.py
-=-
Copied: Zope3/branches/jim-rename-pau/package-includes/authentication-configure.zcml (from rev 28937, Zope3/branches/jim-rename-pau/package-includes/pau-configure.zcml)
===================================================================
--- Zope3/branches/jim-rename-pau/package-includes/pau-configure.zcml 2005-01-24 18:36:51 UTC (rev 28937)
+++ Zope3/branches/jim-rename-pau/package-includes/authentication-configure.zcml 2005-01-24 19:56:54 UTC (rev 28947)
@@ -0,0 +1 @@
+<include package="zope.app.authentication" />
Deleted: Zope3/branches/jim-rename-pau/package-includes/pau-configure.zcml
===================================================================
--- Zope3/branches/jim-rename-pau/package-includes/pau-configure.zcml 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/package-includes/pau-configure.zcml 2005-01-24 19:56:54 UTC (rev 28947)
@@ -1 +0,0 @@
-<include package="zope.app.pau" />
\ No newline at end of file
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/README.txt
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/README.txt 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/README.txt 2005-01-24 19:56:54 UTC (rev 28947)
@@ -1,8 +1,8 @@
================================
-Pluggable Authentication Utility
+Pluggable-Authentication Utility
================================
-The Pluggable Authentication Utility (PAU) provides a framework for
+The Pluggable-Authentication Utility provides a framework for
authenticating principals and associating information with them. It uses a
variety of different utilities, called plugins, and subscribers to get its
work done.
@@ -12,7 +12,7 @@
The primary job of an authentication utility is to authenticate principals.
Given a request object, the authentication utility returns a principal object,
-if it can. The PAU does this in two steps:
+if it can. The pluggable-authentication utility does this in two steps:
1. It determines a principal ID based on authentication credentials found in a
request, and then
@@ -23,10 +23,11 @@
It uses plug-ins in both phases of its work. Plugins are named utilities that
the utility is configured to use in some order.
-In the first phase, the PAU iterates through a sequence of extractor plugins.
-From each plugin, it attempts to get a set of credentials. If it gets
-credentials, it iterates through a sequence of authentication plugins, trying
-to get a principal id for the given credentials. It continues this until it
+In the first phase, the pluggable-authentication utility iterates
+through a sequence of extractor plugins. From each plugin, it
+attempts to get a set of credentials. If it gets credentials, it
+iterates through a sequence of authentication plugins, trying to get a
+principal id for the given credentials. It continues this until it
gets a principal id.
Once it has a principal id, it begins the second phase. In the second phase,
@@ -42,7 +43,7 @@
extraction:
>>> import zope.interface
- >>> from zope.app.pau import interfaces
+ >>> from zope.app.authentication import interfaces
>>> class MyExtractor:
...
@@ -101,10 +102,10 @@
>>> provideUtility(interfaces.IPrincipalFactoryPlugin, PrincipalFactory(),
... name='pf')
-Finally, we create a PAU instance:
+Finally, we create a pluggable-authentication utility instance:
- >>> from zope.app import pau
- >>> auth = pau.LocalPAU()
+ >>> from zope.app import authentication
+ >>> auth = authentication.LocalPluggableAuthentication()
Now, we'll create a request and try to authenticate:
@@ -122,7 +123,7 @@
>>> principal
Principal('42', '')
-In addition to getting a principal, an `IPAUPrincipalCreated` event will
+In addition to getting a principal, an `IPrincipalCreated` event will
have been generated. We'll use the testing event logging API to see that
this is the case:
@@ -153,7 +154,7 @@
... event.principal.title = `event.info`
>>> from zope.app.tests.ztapi import subscribe
- >>> subscribe([interfaces.IPAUPrincipalCreated], None, add_info)
+ >>> subscribe([interfaces.IPrincipalCreated], None, add_info)
Now, if we authenticate a principal, its title will be set:
@@ -262,16 +263,17 @@
integer credentials. It's common for factories to decide whether they
should be used depending on supplemental information. Factories
should not try to inspect the principal ids. Why? Because, as we'll
-see later, the PAU may modify ids before giving them to factories.
-Similarly, subscribers should use the supplemental information for any
-data they need.
+see later, the pluggable-authentication utility may modify ids before
+giving them to factories. Similarly, subscribers should use the
+supplemental information for any data they need.
Get a principal given an id
===========================
-We can ask the PAU for a principal, given an id.
+We can ask the pluggable-authentication utility for a principal, given an id.
-To do this, the PAU uses principal search plugins:
+To do this, the pluggable-authentication utility uses principal search
+plugins:
>>> class Search42:
...
@@ -310,16 +312,16 @@
>>> auth.getPrincipal('42')
Principal('42', "{'domain': 42}")
- >>> [event] = getEvents(interfaces.IPAUPrincipalCreated)
+ >>> [event] = getEvents(interfaces.IPrincipalCreated)
>>> event.principal
Principal('42', "{'domain': 42}")
>>> event.info
{'domain': 42}
-Our PAU will not find a principal with the ID '123'. Therefore it will
-delegate to the next utility. To make sure that it's delegated, we put in place
-a fake utility.
+Our pluggable-authentication utility will not find a principal with
+the ID '123'. Therefore it will delegate to the next utility. To make
+sure that it's delegated, we put in place a fake utility.
>>> from zope.app.utility.utility import testingNextUtility
>>> from zope.app.security.interfaces import IAuthentication
@@ -346,10 +348,11 @@
Issuing a challenge
===================
-If the unauthorized method is called on the PAU, the PAU iterates
-through a sequence of challenge plugins calling their challenge
-methods until one returns True, indicating that a challenge was
-issued. (This is a simplification. See "Protocols" below.)
+If the unauthorized method is called on the pluggable-authentication
+utility, the pluggable-authentication utility iterates through a
+sequence of challenge plugins calling their challenge methods until
+one returns True, indicating that a challenge was issued. (This is a
+simplification. See "Protocols" below.)
Nothing will happen if there are no plugins registered.
@@ -400,10 +403,10 @@
3. The view gets the authentication utility and calls it's
'unauthorized' method.
-4. The PAU will call its challenge plugins. If none return a value,
- then the PAU delegates to the next authentication utility above it
- in the containment hierarchy, or to the global authentication
- utility.
+4. The pluggable-authentication utility will call its challenge
+ plugins. If none return a value, then the pluggable-authentication
+ utility delegates to the next authentication utility above it in
+ the containment hierarchy, or to the global authentication utility.
5. The view sets the body of the response.
@@ -481,17 +484,19 @@
issued immediately. They might do this if they recognize partial
credentials that pertain to them.
-PAU prefixes
-============
+Pluggable-Authentication Prefixes
+=================================
Principal ids are required to be unique system wide. Plugins will
often provide options for providing id prefixes, so that different
-sets of plugins provide unique ids within a PAU. If there are
-multiple PAUs in a system, it's a good idea to give each PAU a
-unique prefix, so that principal ids from different PAUs don't
-conflict. We can provide a prefix when a PAU is created:
+sets of plugins provide unique ids within a pluggable-authentication
+utility. If there are multiple pluggable-authentication utilities in
+a system, it's a good idea to give each pluggable-authentication
+utility a unique prefix, so that principal ids from different
+pluggable-authentication utilities don't conflict. We can provide a
+prefix when a pluggable-authentication utility is created:
- >>> auth = pau.PAU('mypas_')
+ >>> auth = authentication.PluggableAuthentication('mypas_')
>>> auth.extractors = 'eodd', 'emy'
>>> auth.authenticators = 'a42', 'aint'
>>> auth.factories = 'oddf', 'pf'
@@ -504,7 +509,8 @@
>>> principal
Principal('mypas_42', "{'domain': 42}")
-Note that now, our principal's id has the PAU prefix.
+Note that now, our principal's id has the pluggable-authentication
+utility prefix.
We can still lookup a principal, as long as we supply the prefix:
@@ -534,7 +540,8 @@
view that provides
`zope.app.form.browser.interfaces.ISourceQueryView`.
-PAU uses search plugins in a very simple way. It merely implements
+Pluggable-authentication utilities use search plugins in a very simple
+way. They merely implements
`zope.schema.interfaces.ISourceQueriables`:
>>> [id for (id, queriable) in auth.getQueriables()]
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/__init__.py
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/__init__.py 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/__init__.py 2005-01-24 19:56:54 UTC (rev 28947)
@@ -17,4 +17,5 @@
"""
import interfaces
-from zope.app.pau.pau import PAU, LocalPAU
+from zope.app.authentication.authentication import PluggableAuthentication
+from zope.app.authentication.authentication import LocalPluggableAuthentication
Copied: Zope3/branches/jim-rename-pau/src/zope/app/authentication/authentication.py (from rev 28938, Zope3/branches/jim-rename-pau/src/zope/app/authentication/pau.py)
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/pau.py 2005-01-24 18:45:25 UTC (rev 28938)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/authentication.py 2005-01-24 19:56:54 UTC (rev 28947)
@@ -0,0 +1,187 @@
+##############################################################################
+#
+# Copyright (c) 2004 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Pluggable Authentication Utility implementation
+
+$Id$
+"""
+
+from zope.event import notify
+import zope.interface
+import zope.schema
+from persistent import Persistent
+
+from zope.schema.interfaces import ISourceQueriables
+
+from zope.app import zapi
+
+from zope.app.security.interfaces import IAuthentication
+from zope.app.utility.utility import queryNextUtility
+from zope.app.container.contained import Contained
+from zope.app.utility.interfaces import ILocalUtility
+from zope.app.location.interfaces import ILocation
+
+from zope.app.authentication import interfaces
+from zope.app.authentication.interfaces import IExtractionPlugin
+from zope.app.authentication.interfaces import IAuthenticationPlugin
+from zope.app.authentication.interfaces import IChallengePlugin
+from zope.app.authentication.interfaces import IPrincipalFactoryPlugin
+from zope.app.authentication.interfaces import IPrincipalSearchPlugin
+
+
+class IPluggableAuthentication(zope.interface.Interface):
+ """Pluggable Authentication Utility
+ """
+
+ extractors = zope.schema.List(
+ title=u"Credential Extractors",
+ value_type = zope.schema.Choice(vocabulary='ExtractionPlugins'),
+ default=[],
+ )
+
+ authenticators = zope.schema.List(
+ title=u"Authenticators",
+ value_type = zope.schema.Choice(vocabulary='AuthenticationPlugins'),
+ default=[],
+ )
+
+ challengers = zope.schema.List(
+ title=u"Challengers",
+ value_type = zope.schema.Choice(vocabulary='ChallengePlugins'),
+ default=[],
+ )
+
+ factories = zope.schema.List(
+ title=u"Principal Factories",
+ value_type = zope.schema.Choice(vocabulary='PrincipalFactoryPlugins'),
+ default=[],
+ )
+
+ searchers = zope.schema.List(
+ title=u"Search Plugins",
+ value_type = zope.schema.Choice(vocabulary='PrincipalSearchPlugins'),
+ default=[],
+ )
+
+class PluggableAuthentication(object):
+
+ zope.interface.implements(
+ IPluggableAuthentication, IAuthentication, ISourceQueriables)
+
+ authenticators = extractors = challengers = factories = searchers = ()
+
+ def __init__(self, prefix=''):
+ self.prefix = prefix
+
+ def authenticate(self, request):
+ authenticators = [zapi.queryUtility(IAuthenticationPlugin, name)
+ for name in self.authenticators]
+ for extractor in self.extractors:
+ extractor = zapi.queryUtility(IExtractionPlugin, extractor)
+ if extractor is None:
+ continue
+ credentials = extractor.extractCredentials(request)
+ for authenticator in authenticators:
+ if authenticator is None:
+ continue
+ authenticated = authenticator.authenticateCredentials(
+ credentials)
+ if authenticated is None:
+ continue
+
+ id, info = authenticated
+ return self._create('createAuthenticatedPrincipal',
+ self.prefix+id, info, request)
+ return None
+
+ def _create(self, meth, *args):
+ # We got some data, lets create a user
+ for factory in self.factories:
+ factory = zapi.queryUtility(IPrincipalFactoryPlugin,
+ factory)
+ if factory is None:
+ continue
+
+ principal = getattr(factory, meth)(*args)
+ if principal is None:
+ continue
+
+ return principal
+
+ def getPrincipal(self, id):
+ if not id.startswith(self.prefix):
+ return self._delegate('getPrincipal', id)
+ id = id[len(self.prefix):]
+
+ for searcher in self.searchers:
+ searcher = zapi.queryUtility(IPrincipalSearchPlugin, searcher)
+ if searcher is None:
+ continue
+
+ info = searcher.principalInfo(id)
+ if info is None:
+ continue
+
+ return self._create('createFoundPrincipal', self.prefix+id, info)
+
+ return self._delegate('getPrincipal', self.prefix+id)
+
+ def getQueriables(self):
+ for searcher_id in self.searchers:
+ searcher = zapi.queryUtility(IPrincipalSearchPlugin, searcher_id)
+ yield searcher_id, searcher
+
+
+ def unauthenticatedPrincipal(self):
+ return None
+
+ def unauthorized(self, id, request):
+ protocol = None
+
+ for challenger in self.challengers:
+ challenger = zapi.queryUtility(IChallengePlugin, challenger)
+ if challenger is None:
+ continue # skip non-existant challengers
+
+ challenger_protocol = getattr(challenger, 'protocol', None)
+ if protocol is None or challenger_protocol == protocol:
+ if challenger.challenge(request, request.response):
+ if challenger_protocol is None:
+ return
+ elif protocol is None:
+ protocol = challenger_protocol
+
+ if protocol is None:
+ self._delegate('unauthorized', id, request)
+
+ def _delegate(self, meth, *args):
+ # delegate to next AU
+ next = queryNextUtility(self, IAuthentication)
+ if next is None:
+ return None
+ return getattr(next, meth)(*args)
+
+ # BBB
+ def getPrincipals(self, name):
+ import warnings
+ warnings.warn(
+ "The getPrincipals method has been deprecicated. "
+ "It will be removed in Zope X3.3. "
+ "You'll find no principals here.",
+ DeprecationWarning, stacklevel=2)
+ return ()
+
+class LocalPluggableAuthentication(PluggableAuthentication,
+ Persistent, Contained):
+ zope.interface.implements(IPluggableAuthentication,
+ ILocation, ILocalUtility)
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/authenticationplugins.zcml
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/authenticationplugins.zcml 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/authenticationplugins.zcml 2005-01-24 19:56:54 UTC (rev 28947)
@@ -45,9 +45,9 @@
<browser:addMenuItem
- title="SQL PAU Authentication Plugin"
- description="A SQL PAU Authentication Plugin"
- class="zope.app.pau.sql.SQLAuthenticationPlugin"
+ title="SQL Pluggable-Authentication Authentication Plugin"
+ description="A SQL Pluggable-Authentication Authentication Plugin"
+ class=".sql.SQLAuthenticationPlugin"
permission="zope.ManageContent"
/>
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/__init__.py
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/__init__.py 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/__init__.py 2005-01-24 19:56:54 UTC (rev 28947)
@@ -11,7 +11,7 @@
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
-"""PAU Views
+"""Pluggable Authentication Views
$Id$
"""
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/configure.zcml
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/configure.zcml 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/configure.zcml 2005-01-24 19:56:54 UTC (rev 28947)
@@ -20,8 +20,8 @@
<addMenuItem
title="Principal Folder"
- description="A PAU Persistent Authentication Plugin"
- class="zope.app.pau.principalfolder.PrincipalFolder"
+ description="A Pluggable Authentication Persistent Authentication Plugin"
+ class="..principalfolder.PrincipalFolder"
permission="zope.ManageServices"
view="AddPrincipalFolder.html"
/>
@@ -81,38 +81,33 @@
<tool
interface="..interfaces.IAuthenticationPlugin"
- title="PAU Authentication Plugin"
- description="PAU Authentication Plugin"
+ title="Pluggable-Authentication Authentication Plugin"
/>
<tool
interface="..interfaces.IPrincipalSearchPlugin"
- title="PAU Search Plugin"
- description="PAU Search Plugin"
+ title="Pluggable-Authentication Search Plugin"
/>
<tool
interface="..interfaces.ISearchableAuthenticationPlugin"
- title="PAU Search and Authentication Plugin"
- description="PAU Search and Authentication Plugin"
+ title="Pluggable-Authentication Search and Authentication Plugin"
/>
<tool
interface="..interfaces.IExtractionPlugin"
- title="PAU Extraction Plugin"
- description="PAU Extraction Plugin"
+ title="Pluggable-Authentication Extraction Plugin"
/>
<tool
interface="..interfaces.IChallengePlugin"
- title="PAU Challenge Plugin"
- description="PAU Challenge Plugin"
+ title="Pluggable-Authentication Challenge Plugin"
/>
<tool
interface="..interfaces.IExtractionAndChallengePlugin"
- title="PAU Credential Extraction and Challenge Plugin"
- description="PAU Credential Extraction and Challenge Plugin"
+ title=
+ "Pluggable-Authentication Credential Extraction and Challenge Plugin"
/>
<include file="groupfolder.zcml" />
@@ -120,15 +115,14 @@
<!-- Challengers -->
<addMenuItem
- title="PAU Custom Realm Basic Auth Challenge Plugin"
- description="A PAU Basic Auth Challenge Plugin"
+ title="Pluggable-Authentication Custom Realm Basic Auth Challenge Plugin"
class="..httpplugins.HTTPBasicAuthChallenger"
permission="zope.ManageContent"
/>
<addMenuItem
title="Custom Form Session Challenge Plugin"
- description="A PAU Challenge Plugin"
+ description="A Pluggable-Authentication Challenge Plugin"
class="..browserplugins.FormChallenger"
permission="zope.ManageServices"
/>
@@ -136,8 +130,7 @@
<!-- Extractors -->
<addMenuItem
- title="PAU Browser Session Extractor"
- description="A PAU Extraction Plugin"
+ title="Pluggable-Authentication Browser Session Extractor"
class="..browserplugins.SessionExtractor"
permission="zope.ManageServices"
/>
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/group_searching_with_empty_string.txt
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/group_searching_with_empty_string.txt 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/group_searching_with_empty_string.txt 2005-01-24 19:56:54 UTC (rev 28947)
@@ -5,11 +5,9 @@
>>> print http(r"""
... POST /++etc++site/default/@@contents.html HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 60
... Content-Type: application/x-www-form-urlencoded
- ... Referer: http://localhost:8081/++etc++site/default/@@contents.html?type_name=BrowserAdd__zope.app.pau.pau.LocalPAU
...
- ... type_name=BrowserAdd__zope.app.pau.pau.LocalPAU&new_value=PA""")
+ ... type_name=BrowserAdd__zope.app.authentication.authentication.LocalPluggableAuthentication&new_value=PA""")
HTTP/1.1 303 See Other
...
@@ -18,7 +16,6 @@
>>> print http(r"""
... POST /++etc++site/default/PA/addRegistration.html HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 852
... Content-Type: multipart/form-data; boundary=---------------------------8474411127918531132143183931
... Referer: http://localhost:8081/++etc++site/default/PA/addRegistration.html
...
@@ -57,7 +54,6 @@
>>> print http(r"""
... POST /++etc++site/@@contents.html HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 118
... Content-Type: application/x-www-form-urlencoded
... Referer: http://localhost:8081/++etc++site/@@contents.html
...
@@ -68,7 +64,6 @@
>>> print http(r"""
... POST /++etc++site/AddIPrincipalSearchPluginTool/AddGroupFolder.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 420
... Content-Type: multipart/form-data; boundary=---------------------------1160081710811409419323271465
... Referer: http://localhost:8081/++etc++site/AddIPrincipalSearchPluginTool/AddGroupFolder.html=
...
@@ -94,7 +89,6 @@
>>> print http(r"""
... POST /++etc++site/tools/GroupFolder/+/AddGroupInformation.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 545
... Content-Type: multipart/form-data; boundary=---------------------------57051497716357005611441891504
... Referer: http://localhost:8081/++etc++site/tools/GroupFolder/+/AddGroupInformation.html=
...
@@ -123,7 +117,6 @@
>>> print http(r"""
... POST /++etc++site/tools/GroupFolder/+/AddGroupInformation.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 540
... Content-Type: multipart/form-data; boundary=---------------------------1162360160489428309570988744
... Referer: http://localhost:8081/++etc++site/tools/GroupFolder/+/AddGroupInformation.html=
...
@@ -154,7 +147,6 @@
>>> print http(r"""
... POST /++etc++site/default/PA/@@edit.html HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 708
... Content-Type: multipart/form-data; boundary=---------------------------13414337386198656711891559433
... Referer: http://localhost:8081/++etc++site/default/PA/@@edit.html
...
@@ -188,7 +180,6 @@
>>> print http(r"""
... POST /@@grant.html HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 182
... Content-Type: application/x-www-form-urlencoded
...
... field.principal.displayed=y&field.principal.MC5Hcm91cEZvbGRlcg__.query.field.search=&field.principal.MC5Hcm91cEZvbGRlcg__.query.search=Search&field.principal.MQ__.query.searchstring=""")
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/groupfolder.txt
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/groupfolder.txt 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/groupfolder.txt 2005-01-24 19:56:54 UTC (rev 28947)
@@ -3,13 +3,13 @@
Group folders are used to define groups. Before you can define
groups, you have to create a group folder and configure it in a
-pluggable authentication service (PAU). The group folder has to be
-registered with a PAU before defining any groups. This is because the
-groups folder needs to use the PAU to find all of the groups
-containing a given group so that it can check for group cycles. Not
-all of a group's groups need to be defined in it's group folder. Other
-groups folders or group-defining plugins could define groups for a
-group.
+pluggable authentication utility. The group folder has to be
+registered with a pluggable authentication utility before defining any
+groups. This is because the groups folder needs to use the pluggable
+authentication utility to find all of the groups containing a given
+group so that it can check for group cycles. Not all of a group's
+groups need to be defined in it's group folder. Other groups folders
+or group-defining plugins could define groups for a group.
Let's walk through an example.
@@ -30,7 +30,6 @@
>>> print http(r"""
... POST /++etc++site/AddISearchableAuthenticationPluginTool/AddPrincipalFolder.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 434
... Content-Type: multipart/form-data; boundary=---------------------------190685539214643056941988788830
... Referer: http://localhost:8081/++etc++site/AddISearchableAuthenticationPluginTool/AddPrincipalFolder.html=
...
@@ -58,7 +57,6 @@
>>> print http(r"""
... POST /++etc++site/tools/users/+/AddPrincipalInformation.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 784
... Content-Type: multipart/form-data; boundary=---------------------------62010169718836874861388307181
...
... -----------------------------62010169718836874861388307181
@@ -95,7 +93,6 @@
>>> print http(r"""
... POST /++etc++site/tools/users/+/AddPrincipalInformation.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 779
... Content-Type: multipart/form-data; boundary=---------------------------1501629520183211901834390790
...
... -----------------------------1501629520183211901834390790
@@ -132,7 +129,6 @@
>>> print http(r"""
... POST /++etc++site/tools/users/+/AddPrincipalInformation.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 781
... Content-Type: multipart/form-data; boundary=---------------------------3362827831346173768318792608
...
... -----------------------------3362827831346173768318792608
@@ -169,7 +165,6 @@
>>> print http(r"""
... POST /++etc++site/tools/users/+/AddPrincipalInformation.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 781
... Content-Type: multipart/form-data; boundary=---------------------------1771586876978613244952985501
...
... -----------------------------1771586876978613244952985501
@@ -206,7 +201,6 @@
>>> print http(r"""
... POST /++etc++site/tools/users/+/AddPrincipalInformation.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 783
... Content-Type: multipart/form-data; boundary=---------------------------6406512534224572322062554722
...
... -----------------------------6406512534224572322062554722
@@ -243,7 +237,6 @@
>>> print http(r"""
... POST /++etc++site/tools/users/+/AddPrincipalInformation.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 779
... Content-Type: multipart/form-data; boundary=---------------------------1596878616204415667781266350
...
... -----------------------------1596878616204415667781266350
@@ -280,7 +273,6 @@
>>> print http(r"""
... POST /++etc++site/tools/users/+/AddPrincipalInformation.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 793
... Content-Type: multipart/form-data; boundary=---------------------------160587971417390263241080578782
...
... -----------------------------160587971417390263241080578782
@@ -319,7 +311,6 @@
>>> print http(r"""
... POST /++etc++site/AddIPrincipalSearchPluginTool/AddGroupFolder.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 432
... Content-Type: multipart/form-data; boundary=---------------------------18984415031531709165482618952
...
... -----------------------------18984415031531709165482618952
@@ -341,25 +332,24 @@
Location: ../@@manageIPrincipalSearchPluginTool.html
...
-Now, before we can define any groups, we have to add and register a PAU:
+Now, before we can define any groups, we have to add and register a
+pluggable authentication utility:
>>> print http(r"""
... POST /++etc++site/default/@@contents.html HTTP/1.1
... Authorization: Basic bWdyOm1ncnB3
- ... Content-Length: 58
... Content-Type: application/x-www-form-urlencoded
... Referer: http://localhost:8081/++etc++site/default/@@contents.html
...
- ... type_name=BrowserAdd__zope.app.pau.pau.LocalPAU&new_value=""")
+ ... type_name=BrowserAdd__zope.app.authentication.authentication.LocalPluggableAuthentication&new_value=""")
HTTP/1.1 303 See Other
...
>>> print http(r"""
- ... POST /++etc++site/default/LocalPAU/addRegistration.html HTTP/1.1
+ ... POST /++etc++site/default/LocalPluggableAuthentication/addRegistration.html HTTP/1.1
... Authorization: Basic bWdyOm1ncnB3
- ... Content-Length: 852
... Content-Type: multipart/form-data; boundary=---------------------------1649392783947785437368129046
- ... Referer: http://localhost:8081/++etc++site/default/LocalPAU/
+ ... Referer: http://localhost:8081/++etc++site/default/LocalPluggableAuthentication/
...
... -----------------------------1649392783947785437368129046
... Content-Disposition: form-data; name="field.name"
@@ -395,9 +385,8 @@
>>> print http(r"""
- ... POST /++etc++site/default/LocalPAU/@@edit.html HTTP/1.1
+ ... POST /++etc++site/default/LocalPluggableAuthentication/@@edit.html HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 2073
... Content-Type: multipart/form-data; boundary=---------------------------18023914511159666166636904990
...
... -----------------------------18023914511159666166636904990
@@ -471,7 +460,6 @@
>>> print http(r"""
... POST /++etc++site/tools/groups/+/AddGroupInformation.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 540
... Content-Type: multipart/form-data; boundary=---------------------------5412502961004181070544094984
...
... -----------------------------5412502961004181070544094984
@@ -502,7 +490,6 @@
>>> print http(r"""
... POST /++etc++site/tools/groups/1/@@edit.html HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 1426
... Content-Type: multipart/form-data; boundary=---------------------------67523504021030130962010243745
... Referer: http://localhost:8081/++etc++site/tools/groups/1/@@edit.html
...
@@ -556,7 +543,6 @@
>>> print http(r"""
... POST /++etc++site/tools/groups/+/AddGroupInformation.html%3D HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 556
... Content-Type: multipart/form-data; boundary=---------------------------14430301351028860873795053640
...
... -----------------------------14430301351028860873795053640
@@ -587,7 +573,6 @@
>>> print http(r"""
... POST /++etc++site/tools/groups/power/@@edit.html HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 1708
... Content-Type: multipart/form-data; boundary=---------------------------46600477014278930691159535998
...
... -----------------------------46600477014278930691159535998
@@ -650,7 +635,7 @@
>>> from zope.app.component.hooks import setSite
>>> setSite(getRootFolder())
-and we'll get the PAU:
+and we'll get the pluggable authentication utility:
>>> from zope.app import zapi
>>> principals = zapi.principals()
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/principalfolder.txt
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/principalfolder.txt 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/principalfolder.txt 2005-01-24 19:56:54 UTC (rev 28947)
@@ -1,12 +1,12 @@
Using Principal Folders
=======================
-Principal folders are PAU plugins that manage principal information,
-especially authentication credentials. To use a principal folder, you
-need to create a principal folder in a site management folder and then
-configure it in a PAU. Let's look at an example, in which we'll
-define a new manager named Bob. Initially, attempts to log in as Bob
-fail:
+Principal folders are Pluggable-Authentication plugins that manage
+principal information, especially authentication credentials. To use
+a principal folder, you need to create a principal folder in a site
+management folder and then configure it in a plugins authentication.
+Let's look at an example, in which we'll define a new manager named
+Bob. Initially, attempts to log in as Bob fail:
>>> print http(r"""
... GET /manage HTTP/1.1
@@ -120,20 +120,18 @@
>>> print http(r"""
... POST /++etc++site/default/@@contents.html HTTP/1.1
... Authorization: Basic bWdyOm1ncnB3
- ... Content-Length: 58
... Content-Type: application/x-www-form-urlencoded
... Referer: http://localhost:8081/++etc++site/default/@@contents.html
...
- ... type_name=BrowserAdd__zope.app.pau.pau.LocalPAU&new_value=""")
+ ... type_name=BrowserAdd__zope.app.authentication.authentication.LocalPluggableAuthentication&new_value=""")
HTTP/1.1 303 See Other
...
>>> print http(r"""
- ... POST /++etc++site/default/LocalPAU/addRegistration.html HTTP/1.1
+ ... POST /++etc++site/default/LocalPluggableAuthentication/addRegistration.html HTTP/1.1
... Authorization: Basic bWdyOm1ncnB3
- ... Content-Length: 852
... Content-Type: multipart/form-data; boundary=---------------------------1649392783947785437368129046
- ... Referer: http://localhost:8081/++etc++site/default/LocalPAU/
+ ... Referer: http://localhost:8081/++etc++site/default/LocalPluggableAuthentication/
...
... -----------------------------1649392783947785437368129046
... Content-Disposition: form-data; name="field.name"
@@ -167,11 +165,10 @@
and configure it to use the principal folder:
>>> print http(r"""
- ... POST /++etc++site/default/LocalPAU/@@edit.html HTTP/1.1
+ ... POST /++etc++site/default/LocalPluggableAuthentication/@@edit.html HTTP/1.1
... Authorization: Basic mgr:mgrpw
- ... Content-Length: 1818
... Content-Type: multipart/form-data; boundary=---------------------------11831623361211414588608810327
- ... Referer: http://localhost:8081/++etc++site/default/LocalPAU/@@edit.html
+ ... Referer: http://localhost:8081/++etc++site/default/LocalPluggableAuthentication/@@edit.html
...
... -----------------------------11831623361211414588608810327
... Content-Disposition: form-data; name="field.extractors.to"
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/schemasearch.py
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/schemasearch.py 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/schemasearch.py 2005-01-24 19:56:54 UTC (rev 28947)
@@ -21,7 +21,7 @@
from zope.i18n import translate
from zope.schema import getFieldsInOrder
from zope.app.zapi import getName, getPath
-from zope.app.pau.interfaces import IQuerySchemaSearch
+from zope.app.authentication.interfaces import IQuerySchemaSearch
from zope.app.form.utility import setUpWidgets, getWidgetsData
from zope.app.form.interfaces import IInputWidget
from zope.app.form.browser.interfaces import ISourceQueryView
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/schemasearch.txt
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/schemasearch.txt 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/browser/schemasearch.txt 2005-01-24 19:56:54 UTC (rev 28947)
@@ -43,7 +43,8 @@
then we can get a view:
- >>> from zope.app.pau.browser.schemasearch import QuerySchemaSearchView
+ >>> from zope.app.authentication.browser.schemasearch \
+ ... import QuerySchemaSearchView
>>> from zope.publisher.browser import TestRequest
>>> request = TestRequest()
>>> view = QuerySchemaSearchView(MySearchPlugin(), request)
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/browserplugins.py
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/browserplugins.py 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/browserplugins.py 2005-01-24 19:56:54 UTC (rev 28947)
@@ -28,7 +28,8 @@
import transaction
from urllib import urlencode
-from zope.app.pau.interfaces import IExtractionPlugin, IChallengePlugin
+from zope.app.authentication.interfaces import IChallengePlugin
+from zope.app.authentication.interfaces import IExtractionPlugin
class ISessionCredentials(Interface):
@@ -119,7 +120,8 @@
>>> request = TestRequest(authrequest='logout')
>>> se.extractCredentials(request)
- >>> Session(request)['zope.app.pau.browserplugins']['credentials']
+ >>> Session(request)['zope.app.authentication.browserplugins'][
+ ... 'credentials']
"""
implements(IExtractionPlugin)
@@ -127,7 +129,8 @@
""" return credentials from session, request or None """
#if not credentials:
# check for form data
- sessionData = ISession(request)['zope.app.pau.browserplugins']
+ sessionData = ISession(request)[
+ 'zope.app.authentication.browserplugins']
login = request.get('login', None)
password = request.get('password', None)
if login and password:
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/configure.zcml
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/configure.zcml 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/configure.zcml 2005-01-24 19:56:54 UTC (rev 28947)
@@ -6,25 +6,25 @@
<interface interface=".interfaces.IPrincipalSearchPlugin" />
- <localUtility class=".LocalPAU">
+ <localUtility class=".LocalPluggableAuthentication">
<require
permission="zope.ManageServices"
- interface=".pau.IPAU"
- set_schema=".pau.IPAU"
+ interface=".authentication.IPluggableAuthentication"
+ set_schema=".authentication.IPluggableAuthentication"
/>
</localUtility>
<interface interface=".interfaces.IPrincipalSearchPlugin" />
<browser:addMenuItem
- class=".pau.LocalPAU"
+ class=".authentication.LocalPluggableAuthentication"
title="Pluggable Authentication Utility"
description="New-style pluggable authentication utility"
permission="zope.ManageServices"
/>
<browser:editform
- schema=".pau.IPAU"
+ schema=".authentication.IPluggableAuthentication"
label="Edit Pluggable Authentication Utility"
name="edit.html"
menu="zmi_views" title="Edit"
@@ -33,35 +33,35 @@
<vocabulary
name="ExtractionPlugins"
factory="zope.app.utility.vocabulary.UtilityVocabulary"
- interface="zope.app.pau.interfaces.IExtractionPlugin"
+ interface="zope.app.authentication.interfaces.IExtractionPlugin"
nameOnly="True"
/>
<vocabulary
name="AuthenticationPlugins"
factory="zope.app.utility.vocabulary.UtilityVocabulary"
- interface="zope.app.pau.interfaces.IAuthenticationPlugin"
+ interface="zope.app.authentication.interfaces.IAuthenticationPlugin"
nameOnly="True"
/>
<vocabulary
name="ChallengePlugins"
factory="zope.app.utility.vocabulary.UtilityVocabulary"
- interface="zope.app.pau.interfaces.IChallengePlugin"
+ interface="zope.app.authentication.interfaces.IChallengePlugin"
nameOnly="True"
/>
<vocabulary
name="PrincipalFactoryPlugins"
factory="zope.app.utility.vocabulary.UtilityVocabulary"
- interface="zope.app.pau.interfaces.IPrincipalFactoryPlugin"
+ interface="zope.app.authentication.interfaces.IPrincipalFactoryPlugin"
nameOnly="True"
/>
<vocabulary
name="PrincipalSearchPlugins"
factory="zope.app.utility.vocabulary.UtilityVocabulary"
- interface="zope.app.pau.interfaces.IPrincipalSearchPlugin"
+ interface="zope.app.authentication.interfaces.IPrincipalSearchPlugin"
nameOnly="True"
/>
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.py
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.py 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.py 2005-01-24 19:56:54 UTC (rev 28947)
@@ -33,8 +33,9 @@
import zope.app.container.constraints
from zope.app.container.interfaces import IContained, IContainer
from zope.app.i18n import ZopeMessageIDFactory as _
-from zope.app.pau.interfaces import IAuthenticatedPrincipalCreated
-from zope.app.pau.interfaces import IQuerySchemaSearch, IPrincipalSearchPlugin
+from zope.app.authentication.interfaces import IAuthenticatedPrincipalCreated
+from zope.app.authentication.interfaces import IPrincipalSearchPlugin
+from zope.app.authentication.interfaces import IQuerySchemaSearch
import zope.app.security.vocabulary
class IGroupInformation(zope.interface.Interface):
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.txt
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.txt 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.txt 2005-01-24 19:56:54 UTC (rev 28947)
@@ -9,10 +9,10 @@
Group folders contain group-information objects that contain group
information. We create group information using the `GroupInformation` class:
- >>> import zope.app.pau.groupfolder
- >>> g1 = zope.app.pau.groupfolder.GroupInformation("Group 1")
+ >>> import zope.app.authentication.groupfolder
+ >>> g1 = zope.app.authentication.groupfolder.GroupInformation("Group 1")
- >>> groups = zope.app.pau.groupfolder.GroupFolder('group.')
+ >>> groups = zope.app.authentication.groupfolder.GroupFolder('group.')
>>> groups['g1'] = g1
Groups are defined with respect to an authentication service. Groups
@@ -24,7 +24,7 @@
>>> import zope.interface
>>> from zope.app.security.interfaces import IAuthentication
- >>> from zope.app.pau.groupfolder import setGroupsForPrincipal
+ >>> from zope.app.authentication.groupfolder import setGroupsForPrincipal
>>> class Principal:
... def __init__(self, id, title, description):
@@ -58,14 +58,14 @@
This class doesn't really implement the full `IAuthenticationService`
interface, but it implements the `getPrincipal` method used by groups.
-It works very much like PAU. It creates principals on demand. It
-calls `setGroupsForPrincipal`, which is normally called as an event
-subscriber, when principals are created. In order for
-`setGroupsForPrincipal` to find out group folder, we have to register
-it as a utility:
+It works very much like the pluggable authentication utility. It
+creates principals on demand. It calls `setGroupsForPrincipal`, which
+is normally called as an event subscriber, when principals are
+created. In order for `setGroupsForPrincipal` to find out group
+folder, we have to register it as a utility:
>>> from zope.app.tests import ztapi
- >>> ztapi.provideUtility(zope.app.pau.groupfolder.IGroupFolder,
+ >>> ztapi.provideUtility(zope.app.authentication.groupfolder.IGroupFolder,
... groups)
The authentication service has a very simple implementation. It has a
@@ -115,7 +115,7 @@
Groups can contain groups:
- >>> g2 = zope.app.pau.groupfolder.GroupInformation("Group Two")
+ >>> g2 = zope.app.authentication.groupfolder.GroupInformation("Group Two")
>>> groups['G2'] = g2
>>> g2.principals = ['group.G1']
@@ -131,18 +131,18 @@
They need not be hierarchical:
- >>> ga = zope.app.pau.groupfolder.GroupInformation("Group A")
+ >>> ga = zope.app.authentication.groupfolder.GroupInformation("Group A")
>>> groups['GA'] = ga
- >>> gb = zope.app.pau.groupfolder.GroupInformation("Group B")
+ >>> gb = zope.app.authentication.groupfolder.GroupInformation("Group B")
>>> groups['GB'] = gb
>>> gb.principals = ['group.GA']
- >>> gc = zope.app.pau.groupfolder.GroupInformation("Group C")
+ >>> gc = zope.app.authentication.groupfolder.GroupInformation("Group C")
>>> groups['GC'] = gc
>>> gc.principals = ['group.GA']
- >>> gd = zope.app.pau.groupfolder.GroupInformation("Group D")
+ >>> gd = zope.app.authentication.groupfolder.GroupInformation("Group D")
>>> groups['GD'] = gd
>>> gd.principals = ['group.GA', 'group.GB']
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.zcml
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.zcml 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/groupfolder.zcml 2005-01-24 19:56:54 UTC (rev 28947)
@@ -19,7 +19,7 @@
<subscriber
factory=".groupfolder.setGroupsForPrincipal"
- for="zope.app.pau.interfaces.IPAUPrincipalCreated"
+ for=".interfaces.IPrincipalCreated"
/>
<localUtility class=".groupfolder.GroupFolder">
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/idpicker.txt
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/idpicker.txt 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/idpicker.txt 2005-01-24 19:56:54 UTC (rev 28947)
@@ -4,7 +4,7 @@
The Id pickler is a variation on the name chooser that picks numeric
ids when no name is given.
- >>> from zope.app.pau.idpicker import IdPicker
+ >>> from zope.app.authentication.idpicker import IdPicker
>>> IdPicker({}).chooseName('', None)
u'1'
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/interfaces.py
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/interfaces.py 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/interfaces.py 2005-01-24 19:56:54 UTC (rev 28947)
@@ -20,10 +20,12 @@
import zope.interface
import zope.schema
-class IPAUPrincipalCreated(zope.interface.Interface):
- """A PAU principal object has been created
+class IPrincipalCreated(zope.interface.Interface):
+ """A PluggableAuthentication principal object has been created
- This event is generated when a transient PAU principal has been created.
+ This event is generated when a transient PluggableAutentication
+ principal has been created.
+
"""
principal = zope.interface.Attribute("The principal that was created")
@@ -36,7 +38,7 @@
),
)
-class IAuthenticatedPrincipalCreated(IPAUPrincipalCreated):
+class IAuthenticatedPrincipalCreated(IPrincipalCreated):
"""An authenticated principal object has been created
This event is generated when a principal has been created by
@@ -56,7 +58,7 @@
self.info = info
self.request = request
-class IFoundPrincipalCreated(IPAUPrincipalCreated):
+class IFoundPrincipalCreated(IPrincipalCreated):
"""Event indicating that a principal was created based on a search
"""
@@ -69,20 +71,22 @@
self.info = info
class IPlugin(zope.interface.Interface):
- """Provide functionality to be pluged into a PAU
+ """Provide functionality to be pluged into a Pluggable Authentication
"""
class IPrincipalIdAwarePlugin(IPlugin):
"""Principal-Id aware plugin
A requirements of plugins that deal with principal ids is that
- principal ids must be unique within a PAU. A PAU manager may want
- to use plugins to support multiple principal sources. If the ids
- from the various principal sources overlap, there needs to be some
- way to disambiguate them. For this reason, it's a good idea for
- id-aware plugins to provide a way for a PAU manager to configure
- an id prefix or some other mechanism to make sure that
- principal-ids from different domains don't overlap.
+ principal ids must be unique within a PluggableAuthentication. A
+ PluggableAuthentication manager may want to use plugins to support
+ multiple principal sources. If the ids from the various principal
+ sources overlap, there needs to be some way to disambiguate them.
+ For this reason, it's a good idea for id-aware plugins to provide
+ a way for a PluggableAuthentication manager to configure an id
+ prefix or some other mechanism to make sure that principal-ids
+ from different domains don't overlap.
+
"""
class IExtractionPlugin(IPlugin):
Deleted: Zope3/branches/jim-rename-pau/src/zope/app/authentication/pau.py
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/pau.py 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/pau.py 2005-01-24 19:56:54 UTC (rev 28947)
@@ -1,184 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2004 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Pluggable Authentication Utility implementation
-
-$Id$
-"""
-
-from zope.event import notify
-import zope.interface
-import zope.schema
-from persistent import Persistent
-
-from zope.schema.interfaces import ISourceQueriables
-
-from zope.app import zapi
-
-from zope.app.security.interfaces import IAuthentication
-from zope.app.utility.utility import queryNextUtility
-from zope.app.container.contained import Contained
-from zope.app.utility.interfaces import ILocalUtility
-from zope.app.location.interfaces import ILocation
-
-from zope.app.pau import interfaces
-from zope.app.pau.interfaces import IExtractionPlugin
-from zope.app.pau.interfaces import IAuthenticationPlugin
-from zope.app.pau.interfaces import IChallengePlugin
-from zope.app.pau.interfaces import IPrincipalFactoryPlugin
-from zope.app.pau.interfaces import IPrincipalSearchPlugin
-
-
-class IPAU(zope.interface.Interface):
- """Pluggable Authentication Utility
- """
-
- extractors = zope.schema.List(
- title=u"Credential Extractors",
- value_type = zope.schema.Choice(vocabulary='ExtractionPlugins'),
- default=[],
- )
-
- authenticators = zope.schema.List(
- title=u"Authenticators",
- value_type = zope.schema.Choice(vocabulary='AuthenticationPlugins'),
- default=[],
- )
-
- challengers = zope.schema.List(
- title=u"Challengers",
- value_type = zope.schema.Choice(vocabulary='ChallengePlugins'),
- default=[],
- )
-
- factories = zope.schema.List(
- title=u"Principal Factories",
- value_type = zope.schema.Choice(vocabulary='PrincipalFactoryPlugins'),
- default=[],
- )
-
- searchers = zope.schema.List(
- title=u"Search Plugins",
- value_type = zope.schema.Choice(vocabulary='PrincipalSearchPlugins'),
- default=[],
- )
-
-class PAU(object):
-
- zope.interface.implements(IPAU, IAuthentication, ISourceQueriables)
-
- authenticators = extractors = challengers = factories = searchers = ()
-
- def __init__(self, prefix=''):
- self.prefix = prefix
-
- def authenticate(self, request):
- authenticators = [zapi.queryUtility(IAuthenticationPlugin, name)
- for name in self.authenticators]
- for extractor in self.extractors:
- extractor = zapi.queryUtility(IExtractionPlugin, extractor)
- if extractor is None:
- continue
- credentials = extractor.extractCredentials(request)
- for authenticator in authenticators:
- if authenticator is None:
- continue
- authenticated = authenticator.authenticateCredentials(
- credentials)
- if authenticated is None:
- continue
-
- id, info = authenticated
- return self._create('createAuthenticatedPrincipal',
- self.prefix+id, info, request)
- return None
-
- def _create(self, meth, *args):
- # We got some data, lets create a user
- for factory in self.factories:
- factory = zapi.queryUtility(IPrincipalFactoryPlugin,
- factory)
- if factory is None:
- continue
-
- principal = getattr(factory, meth)(*args)
- if principal is None:
- continue
-
- return principal
-
- def getPrincipal(self, id):
- if not id.startswith(self.prefix):
- return self._delegate('getPrincipal', id)
- id = id[len(self.prefix):]
-
- for searcher in self.searchers:
- searcher = zapi.queryUtility(IPrincipalSearchPlugin, searcher)
- if searcher is None:
- continue
-
- info = searcher.principalInfo(id)
- if info is None:
- continue
-
- return self._create('createFoundPrincipal', self.prefix+id, info)
-
- return self._delegate('getPrincipal', self.prefix+id)
-
- def getQueriables(self):
- for searcher_id in self.searchers:
- searcher = zapi.queryUtility(IPrincipalSearchPlugin, searcher_id)
- yield searcher_id, searcher
-
-
- def unauthenticatedPrincipal(self):
- return None
-
- def unauthorized(self, id, request):
- protocol = None
-
- for challenger in self.challengers:
- challenger = zapi.queryUtility(IChallengePlugin, challenger)
- if challenger is None:
- continue # skip non-existant challengers
-
- challenger_protocol = getattr(challenger, 'protocol', None)
- if protocol is None or challenger_protocol == protocol:
- if challenger.challenge(request, request.response):
- if challenger_protocol is None:
- return
- elif protocol is None:
- protocol = challenger_protocol
-
- if protocol is None:
- self._delegate('unauthorized', id, request)
-
- def _delegate(self, meth, *args):
- # delegate to next AU
- next = queryNextUtility(self, IAuthentication)
- if next is None:
- return None
- return getattr(next, meth)(*args)
-
- # BBB
- def getPrincipals(self, name):
- import warnings
- warnings.warn(
- "The getPrincipals method has been deprecicated. "
- "It will be removed in Zope X3.3. "
- "You'll find no principals here.",
- DeprecationWarning, stacklevel=2)
- return ()
-
-class LocalPAU(PAU, Persistent, Contained):
- zope.interface.implements(IPAU, ILocation, ILocalUtility)
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalfolder.py
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalfolder.py 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalfolder.py 2005-01-24 19:56:54 UTC (rev 28947)
@@ -20,7 +20,7 @@
import zope.interface
from zope.schema import Text, TextLine, Password
-from zope.app.pau import interfaces
+from zope.app.authentication import interfaces
from persistent import Persistent
from zope.interface import Interface, implements
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalfolder.txt
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalfolder.txt 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalfolder.txt 2005-01-24 19:56:54 UTC (rev 28947)
@@ -5,13 +5,14 @@
principal information. We create principal information using the
`PrincipalInformation` class:
- >>> import zope.app.pau.principalfolder
- >>> p1 = zope.app.pau.principalfolder.PrincipalInformation(
+ >>> import zope.app.authentication.principalfolder
+ >>> p1 = zope.app.authentication.principalfolder.PrincipalInformation(
... 'login1', '123', "Principal 1")
- >>> p2 = zope.app.pau.principalfolder.PrincipalInformation(
+ >>> p2 = zope.app.authentication.principalfolder.PrincipalInformation(
... 'login2', '456', "The Other One")
- >>> principals = zope.app.pau.principalfolder.PrincipalFolder('principal.')
+ >>> principals = zope.app.authentication.principalfolder.PrincipalFolder(
+ ... 'principal.')
>>> principals['p1'] = p1
>>> principals['p2'] = p2
@@ -74,7 +75,7 @@
>>> for i in range(20):
... i = str(i)
- ... p = zope.app.pau.principalfolder.PrincipalInformation(
+ ... p = zope.app.authentication.principalfolder.PrincipalInformation(
... 'l'+i, i, "Dude "+i)
... principals[i] = p
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalplugins.py
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalplugins.py 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalplugins.py 2005-01-24 19:56:54 UTC (rev 28947)
@@ -22,7 +22,7 @@
from zope.security.interfaces import IGroupAwarePrincipal
-from zope.app.pau import interfaces
+from zope.app.authentication import interfaces
class Principal:
"""A simple Principal
@@ -90,7 +90,7 @@
implements(interfaces.IPrincipalFactoryPlugin)
def createAuthenticatedPrincipal(self, id, info, request):
- """See zope.app.pau.interfaces.IPrincipalFactoryPlugin"""
+ """See zope.app.authentication.interfaces.IPrincipalFactoryPlugin"""
principal = Principal(id)
notify(interfaces.AuthenticatedPrincipalCreated(principal,
info, request))
@@ -98,7 +98,7 @@
def createFoundPrincipal(self, id, info):
- """See zope.app.pau.interfaces.IPrincipalFactoryPlugin"""
+ """See zope.app.authentication.interfaces.IPrincipalFactoryPlugin"""
principal = Principal(id)
notify(interfaces.FoundPrincipalCreated(principal, info))
return principal
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalplugins.zcml
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalplugins.zcml 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/principalplugins.zcml 2005-01-24 19:56:54 UTC (rev 28947)
@@ -11,7 +11,7 @@
/>
<subscriber
- for=".interfaces.IPAUPrincipalCreated"
+ for=".interfaces.IPrincipalCreated"
factory=".principalplugins.addTitleAndDescription"
/>
Modified: Zope3/branches/jim-rename-pau/src/zope/app/authentication/tests.py
===================================================================
--- Zope3/branches/jim-rename-pau/src/zope/app/authentication/tests.py 2005-01-24 19:25:19 UTC (rev 28946)
+++ Zope3/branches/jim-rename-pau/src/zope/app/authentication/tests.py 2005-01-24 19:56:54 UTC (rev 28947)
@@ -62,12 +62,12 @@
def test_suite():
return unittest.TestSuite((
- doctest.DocTestSuite('zope.app.pau.generic'),
- doctest.DocTestSuite('zope.app.pau.httpplugins'),
+ doctest.DocTestSuite('zope.app.authentication.generic'),
+ doctest.DocTestSuite('zope.app.authentication.httpplugins'),
doctest.DocFileSuite('principalfolder.txt'),
doctest.DocFileSuite('idpicker.txt'),
- doctest.DocTestSuite('zope.app.pau.principalplugins'),
- doctest.DocTestSuite('zope.app.pau.browserplugins',
+ doctest.DocTestSuite('zope.app.authentication.principalplugins'),
+ doctest.DocTestSuite('zope.app.authentication.browserplugins',
setUp=formAuthSetUp,
tearDown=formAuthTearDown),
doctest.DocFileSuite('README.txt',
More information about the Zope3-Checkins
mailing list