AW: [Zope3-Users] Disabling authentication for resources
Bernd Dorn
bernd.dorn at lovelysystems.com
Thu Jul 10 04:01:45 EDT 2008
On Jul 10, 2008, at 6:47 AM, andrew wrote:
> On Thu, 2008-07-10 at 02:44 +0200, Roger Ineichen wrote:
>> I guess bypass the authentication process is not supported for
>> zope.Public protected objects.
>>
>> Zope does authenticate the user. And later it checks security
>> for the object based on that user (authorization).
>>
>> zope.Public is correct for public access, but it doesn't mean
>> the user get not authenticated. Remember authentication and
>> authorization are two different things.
>>
>> I'm not really sure. But I guess without authentication,
>> Zope doesn't know if even zope.Public is allowed for this
>> user because you can deny permissions. But I'm also not sure
>> without to introspect the code if zope.Public can set as deny.
>>
>> Hope that gives some hints for deep into the internals
>> of IAuthentication. If you need a simpler implementation,
>> take a look at z3c.authenticator.
>
> That's great, thanks Roger. That's a good point that authentication
> and
> authorization are different things. So, it would seem that there's no
> easy way to avoid the authentication process altogether, so I'll just
> hope that the overhead is not too great :-)
>
we have a special IAuthentication plugin that accepts regular
expressions for public urls, if the regex matches we just return None
in authenticate - so the principal is the anonymous user. No principal
lookup needs to be done.
sorry, but the code is not open-source, but it should be easy to
implement
cheers, bernd
> Cheers, Andrew.
>
> _______________________________________________
> Zope3-users mailing list
> Zope3-users at zope.org
> http://mail.zope.org/mailman/listinfo/zope3-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2548 bytes
Desc: not available
Url : http://mail.zope.org/pipermail/zope3-users/attachments/20080710/57fe5af6/smime-0001.bin
More information about the Zope3-users
mailing list