[Zope3-Users] Still trying to figure out PAU

[Florian Lindner]

Hello,
I'm still desperately trying to figure out the PluggableAuthentication.

I perform the following steps:

1) Create an instance of my folderish, possible site (named A), content 
object.

2) I create a site in it.

3) I add a PAU in the default software space

4) I add a SessionCredentialsPlugin and a PrincipalFolder as plugins.

5) I create a internal principal with "Title" = "zope.Manager" (tried also 
other ones). name = abc

6) In the SessionCredentialsPlugin I leave to "loginForm.html". I've a 
loginForm.html view in my A-object)

7) I register all components (SessionCreadentiasPlugin, PrincipalFolder and 
PAU)

8) Now I access a view obect A-object that requires certain permissions that 
which the role of abc have.

9) I get redirected to the loginForm.html I've defined.

10) I provide the user credentials of testuser.

11) I've set a breakpoint in 
zope/app/authentication/principalfolder.py(274)authenticateCredentials()

The credentials are extracted correctly:

(Pdb) credentials
{'login': u'abc', 'password': u'123'}

The password check also validates: it executes that line:

284 return PrincipalInfo(self.prefix + id, internal.login, internal.title,
285                                  internal.description)

But now the authenticateCredentials function is called a second time with 
empty credentials which of course makes it return None.


12) I'm redirected to the loginForm.html again, though the loginForm.html form 
header is like <form method="post" enctype="multipart/form-data"
              action="http://URL from cameform"

13) The ErrorReportingUtility show two unauthorized execeptions.

The first one with User: unauthenticated, zope.anybody, Unauthenticated User,

The second one with User: unauthenticated, cs1, CS.User,
(cs is my prefix, CS.User one of the roles I tried)

Whis is ok IMO, since the first call is made without authorization. By why 
does if fail at the second time.

Hope somebody can englight me...

Thanks,

Florian