[Grok-dev] megrok.login: substituting authenticator

Uli Fouquet uli at gnufix.de
Mon Sep 6 07:17:22 EDT 2010

Hi Aroldo,

Aroldo Souza-Leite wrote:

> I'm trying to substitute the 
> 'authplugins.PrincipalRegistryAuthenticator' in 'megrok.loging' by 
> another authenticator that uses an external database of users. I 
> understand I have to model a class that implements 
> 'IAuthenticatorPlugin'. But where do I tell 'megrok.login' to use the my 
> custom authenticator?

You have to write your own PAU setup and register it using
`megrok.login.setup()`. For this you need an own setup function, roughly
like this::

 from zope.pluggableauth.plugins.session import SessionCredentialsPlugin

 def customPAUSetup(site, pau, viewname=None, strict=None,
     """Setup our own PAU.
     # Assuming your authenticator is registered as a named global 
     # utility 'My custom authenticator plugin'
     pau.authenticatorPlugins = ('My custom authenticator plugin', )
     pau['custom_session'] = session = SessionCredentialsPlugin()
     pau.credentialsPlugins = ('No Challenge if Authenticated',

and then register this setup like this::

  import grok
  import megrok.login

  class CustomSetupApp(grok.Application, grok.Container):

If you create a new application, the new PAU will be active.
A more elaborate example of the setup is part of the docs in


Naturally, if you do so much things yourself, you might be better off
dropping megrok.login and using the pluggableauth stuff directly.

Best regards,


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://mail.zope.org/pipermail/grok-dev/attachments/20100906/41606ec2/attachment.bin 

More information about the Grok-dev mailing list