[Zope3-Users] logout feature with zope3

Jing Song janejsong at yahoo.com
Wed Dec 7 00:40:13 EST 2005


Thanks Dominik and Alec for your inputs.  Now I implement the  authentication adapter using browser cookies with customized form and  it works.
    
    But I'm having another trouble. We use ldap authentication to store the  user information.  How could that work with cookies to do login and  logout?  ls there any example or reference materials available? I am  pretty new in this area, any information will be very much helpful. 
  
  Jane

Dominik Huber <dominik.huber at perse.ch> wrote:  The global PrincipalRegistry does not provide any logout mechanism 
(regular principals registered within zcml).

The PAU provides the logout mechanism invoking the configured credential 
plugin. One simple way to get the logout mechanism is to use the 
'Session Credentials'-plugin. (The basic HTTPBasicAuthCredentialsPlugin 
does not provide logout mechansim.).

Don't forget to register the following adapter within your overrides.zcml:
  
      factory="zope.app.security.LogoutSupported"
      />

Regards,
Dominik

Alec Munro wrote:

>Hi Jane,
>
>I'm not an expert, but having run into a similar situation myself, you
>may be out of luck. The HTTP Auth (what generates the popup window) is
>almost entirely separate from other browser functionality, and once
>the authentication is complete, I don't know of any way you could
>access the password. It's possible that you could create a custom
>authentication method that combined Basic HTTP with cookie based
>Authentication, but it might be simpler to setup a login form for your
>users, if that's an option, and use the standard cookie based auth.
>
>Actually, a third option might be to use the Basic HTTP auth, and then
>use request.principal to lookup the actual principal information,
>including login and password. I believe Zope is currently storing
>passwords plain text, so this might work for your purposes. This seems
>rather unclean to me, but it might get the job done.
>
>As I said, I am not an expert, but I hope this is at least somewhat helpful.
>
>Alec Munro
>
>On 12/6/05, Jing Song  wrote:
>  
>
>>Hi,
>>
>>I have problems to implement my zope logout feature. Since the Basic HTTP
>>Authentication does not funcition properly, I'm trying to work around by
>>using Philipp's cookie based authentication solution showing in the
>>Worldcookery example. But if I only use the default pop-up login window
>>without using a customized login form, how could I get the user name and the
>>password to set the cookie so that the logout can also function.
>>
>>Any idea or example would be very much appreciated. Thank you in advance!
>>
>>Jane
>>
>> ________________________________
>> Yahoo! Personals
>> Let fate take it's course directly to your email.
>> See who's waiting for you Yahoo! Personals
>>
>>
>>_______________________________________________
>>Zope3-users mailing list
>>Zope3-users at zope.org
>>http://mail.zope.org/mailman/listinfo/zope3-users
>>
>>
>>
>>    
>>
>_______________________________________________
>Zope3-users mailing list
>Zope3-users at zope.org
>http://mail.zope.org/mailman/listinfo/zope3-users
>  
>


-- 
Dominik Huber

Perse Engineering GmbH
Jurastrasse 9a
CH-5406 Baden
              
E-Mail: dominik.huber at perse.ch
Telefon: ++41 56 534 7730

begin:vcard
fn:Dominik Huber
n:Huber;Dominik
email;internet:dominik.huber at perse.ch
tel;work:++41 56 534 77 30
x-mozilla-html:FALSE
version:2.1
end:vcard




			
---------------------------------
Yahoo! Shopping
 Find Great Deals on Gifts at Yahoo! Shopping 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/zope3-users/attachments/20051206/20f98292/attachment-0001.htm


More information about the Zope3-users mailing list