[Zope3-Users] Authentication question

Stephan Richter srichter at cosmos.phy.tufts.edu
Sun Sep 11 14:19:02 EDT 2005 

Okay, I am answering this as good as I can, but I will not anymore, if the 
notice remains.

On Wednesday 31 August 2005 17:23, Pete Taylor wrote:
> After working through philiKON's web component development book, I decided
> to move to zope3.1 (mostly because I wanted to snag the homefolder code,
> which of course he also wrote).  

I don't know which homefolder code you are referring to, but the one in 
zope.app.authentication was originally developed by myself, with many other 
contributors thereafter.

> In the process of doing this, I decided to 
> subclass and override some of IPrincipalFolder.

Where is this interface? I just searched the trunk for IPrincipalFolder and 
could not find it.

> I create a folder, turn it 
> into a site, add a pluggableAuthentication utility (non-named), and create
> my new principal folder implementation.  I can create new principals of my
> own type in these folders... (I wanted to use role manager to add some
> roles at creation time, rather than explicitly granting them at different
> locations through the ZMI).  That part seems to be working.



> However...
>
> I can't actually log in with my new user's credentials.  If I connect to
> specific resources over xmlrpc using my new set of credentials, it works, I
> can connect to and modify objects with my new principal.  But logging in
> over the web fails.  I'm using cookieauth, almost line for line from the
> web component development book, and it does, if I dump a bunch of debug
> statements in, prove to be working as the ILoginPassword interface that's
> getting the info when I post up my username/password (as zope_user,
> zope_pass).

This seems very specific to Philipp's book; you might want to contact him 
directly.

> After some digging, I noticed that in zope.app.security.principalregistry
> where it's implementing IAuthentication.authenticate it checks for
> __principalsByLogin[login].  That dictionary only ever, for me, contains my
> administrative user (when I throw in some print statements to verify).
> Since it's called by zope.app.publication in beforeTraversal, that makes
> sense that it's only checking local registry, but I don't know how to push
> it along to check the next IAuthentication implementation available.
>
> I may, also, be going about this the wrong way.  Any thoughts?

I think your setup is so specific that a general list like this will not be of 
any help.

Regards,
Stephan
-- 
Stephan Richter
CBU Physics & Chemistry (B.S.) / Tufts Physics (Ph.D. student)
Web2k - Web Software Design, Development and Training

More information about the Zope3-users mailing list