[Zope] [Ann] Post-Authentication-Hook patch

Dieter Maurer dieter at handshake.de
Tue Sep 23 17:15:48 EDT 2003


In some case, you want to take special actions once the user has been
determined at the end of traversal. You may, e.g., want to deny
Manager role to any non HTTPS request.


This patch adds support for a *post authentication hook*. It adds code
to the 'validated_hook', called when the user is successfully
authenticated. The code tries to acquire an object
'post_authentication_hook' from 'request.PARENTS[0]'. If this is
successful, it calls this object with the arguments 'request' and
'user'. Usually, this call will raise Unauthorized when it has
objections against the request.


Download:  <http://www.dieter.handshake.de/pyprojects/zope/postauth.pat>


Dieter



More information about the Zope mailing list