[Zope-PAS] Cookie authentication and stuff
Tino Wildenhain
tino at wildenhain.de
Mon Aug 30 09:05:55 EDT 2004
Hi,
maybe its fixed in the CVS, but trying
out the tar.gz I found some issues.
in utils.py there was an endless loop
looking for a folder with name "Products"
I replaced it with:
product_dir, utils_module_file = os.path.split(
os.path.abspath(__file__) )
product_prefix = os.path.abspath(os.path.join(product_dir,"..",".."))
(and removed the while part)
When the PAS is in a subfolder,
it does not create a anonymous
user but returns None so BaseRequest.py
goes on to find another UserFolder
down the path and finally raises
Unauthorized()
I changed file PluggableAuthService.py
line 267: in validate()
if not is_top:
# ok we dont find a user, but we may have other userfolders
# down the path. Lets see if one of them would like to
# handle it
me=self.aq_parent # we want our folder, there must be at
least one
while hasattr(me,"aq_parent"):
me=me.aq_parent
if hasattr(me,"__allow_groups__"):
megr=me.__allow_groups__
if hasattr(megr,"validate"):
u=megr.validate(request,auth,roles)
if u is not None:
return None # we should probably return
# the user here, but I'm not
# sure and leave it to
BaseRequest
# for now
#return None
#
# No other user folder above us can satisfy, and we have no
user;
# return a constructed anonymous only if anonymous is
authorized.
#
anonymous = self._createAnonymousUser( plugins )
self._authorizeUser( anonymous
, accessed
, container
, name
, value
, roles
) # call it but ignore return value for
now
return anonymous
now we have anonymous, but challenge() is still not called.
How is it meant to be?
Regards
Tino Wildenhain
More information about the Zope-PAS
mailing list