[Zope] Authentication/Validation & overriding exception responses patterns

Chris McDonough chrism@digicool.com
Thu, 12 Apr 2001 09:34:59 -0400


Hi Andrew,

> So it seems to me that Zope's user validation mechanism has a "feature"
> ("flaw"):  There is no way to unequivocally deny access or completely
> change the login behavior for a resource from within YourFolder's acl_users
> other than to raise an exception.  This is because returning 'None' from
> within your validate method causes Zope to seek validation up the path.

This is about right.

> At best, such as when Zope's "standard" mechanism of user acquisition is
> what's desired here's what will happen:  If there is user data in the
> cookie, and that user exists & is valid, the request will be validated by
> the higher level folder and the higher level folder's user's roles apply.
> That's standard Zope behavior, right?  Acquisition

The user folders are not found via acquisition, but that's a good
description.

> I have nothing against exceptions per se, except that they seem to
> circumvent the "natural" progression of events within the Zope server.
> E.g., transactions and other request/response handling gets co-opted.
> Aren't there situations where it would be valid to engage in certain
> server side interactions --even though-- the requested page was forbidden
> or the user unknown?

Yes, probably.  In practice, though, the interaction is at such an early
stage in the request that throwing an exception doesn't usually co-opt any
important transaction data.  Do you have a need to not throw the exception
due to a requirement to write to the ZODB before successful auth?

> So, if raising an exception is simply the accepted means of handling this
> type of situation, then I have a few more questions:  (1) What is the
> accepted pattern for overriding HTTPResponse's exception() code?  I see
> that the original LoginManager code swizzles the unauthorize() function
> pointer, is that what I should do to change exception handling too?  (2)
> How do people typically make sure that "pretty" exception pages are
> displayed to users?  Is the accepted paradigm to put a <dtml-try> wrapper
> in the standard-html_header/standard-html_footer?

1.  I don't know.  ;-)

2.  Yes.

HTH,

- C
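The behaviour the thread describes, as an added illustration that is not part of the original message and not Zope's own code: a simplified model of Zope walking the user folders from the requested object up to the root, where a validate() that returns None hands the decision to the parent folder and only an exception stops the walk. Folder, validate_request, the request dict and the user tables are constructed stand-ins, not the real Zope API.

```python
class Unauthorized(Exception):
    """Raised by a user folder that wants to deny access outright."""


class Folder:
    # validate(request) returns (user, roles) or None; None means
    # "not mine, ask the parent folder" (the thread's 'flaw').
    def __init__(self, name, validate=None, parent=None):
        self.name, self.validate, self.parent = name, validate, parent


def validate_request(leaf, request):
    """Walk outward from the innermost folder. Returns (folder name, (user,
    roles)) from the first folder that validates, or None if none does.
    An Unauthorized raised by any folder propagates and ends the walk."""
    folder = leaf
    while folder is not None:
        if folder.validate is not None:
            result = folder.validate(request)  # may raise Unauthorized
            if result is not None:
                return folder.name, result
        folder = folder.parent
    return None  # no folder claimed the request; Zope would challenge


# Constructed sample data: root knows "alice", YourFolder knows "bob".
ROOT_USERS = {"alice": ["Manager"]}
LOCAL_USERS = {"bob": ["Member"]}


def root_validate(request):
    user = request.get("__ac_name")
    return (user, ROOT_USERS[user]) if user in ROOT_USERS else None


def lenient_local_validate(request):
    # Returning None for unknown users lets the root folder validate them,
    # so "alice" gets her root-level Manager roles inside YourFolder.
    user = request.get("__ac_name")
    return (user, LOCAL_USERS[user]) if user in LOCAL_USERS else None


def strict_local_validate(request):
    # Raising instead of returning None keeps the decision in YourFolder.
    user = request.get("__ac_name")
    if user not in LOCAL_USERS:
        raise Unauthorized("%r is not a user of YourFolder" % user)
    return (user, LOCAL_USERS[user])


def who_validated(local_validate, request):
    """Run a request against root/YourFolder; 'denied' on Unauthorized."""
    site = Folder("YourFolder", local_validate, parent=Folder("root", root_validate))
    try:
        return validate_request(site, request)
    except Unauthorized:
        return "denied"
```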