[Zope3-Users] PAU / credentials / authentication

Hermann Himmelbauer dusty at qwer.tk
Wed Sep 5 05:24:23 EDT 2007 

Hi,
After thoroughly studying Philipp's book and the PAU-doctests, I unfortunately 
still have no clue how to do my authentication. My (simple) scenario is the 
following:

- I wrote a Zope package that can be added as a site
- I have one Zope instance with several of these sites
- Users should authenticate site-specific, e.g. users that authenticated for 
site A should not automatically be authenticated for site B and never for the 
Zope root
- I want to use Session Credentials
- I wrote an authenticator plug-in for an existing relational database that 
looks like this:

class PasswdAuthenticator(Persistent):
    implements(IPasswd, IAuthenticatorPlugin, ILocation)
    __parent__ = __name__ = None

    def authenticateCredentials(self, credentials):
        if not (credentials and 'login' in credentials and
                'password' in credentials):
            return
        login, password = credentials['login'], credentials['password']
        if relation_db_check(login,passwd):
            return PrincipalInfo()

Now I have to glue all this together, but how?

Do I need a local, site specific PAU? If yes, how do I create/store one 
without the ZMI? I want that to automatically be done during site creation, 
e.g. via a subscriber (I have already one that builds the basic site 
structure). Probably a PAU is created like this:

pau = zope.app.authentication.PluggableAuthentication('myprefix_')

But - how do I add this to my site manager then? Have the prefixes to be 
different for every PAU that are located in the different sites?

How do I enable Session Credentials, or are they already enabled?

And - how do I tell the PAU to use my authentication utility, perhaps I have 
to create one and somehow place it into the PAU, as it's a container? Or 
should I register it as a local utility? Or as a global utility? In case of a 
utility, the Authenticator Plugin probably does not have to inherit from 
persistent.Persistent?

Moreover Philipp's book states that available plug-ins need to be configured 
but I don't know to do this without the ZMI?

Best Regards,
Hermann

-- 
x1 at aon.at
GPG key ID: 299893C7 (on keyservers)
FP: 0124 2584 8809 EF2A DBF9  4902 64B4 D16B 2998 93C7

More information about the Zope3-users mailing list