[Zope] session
Maciej Wisniowski
maciej.wisniowski at coig.katowice.pl
Tue Feb 13 09:11:53 EST 2007
> this is my plugin. i want to authenticatedCredentials take credentials
> and validate these credentials if user exists in acl_users .
> ExtractCredentials take login and password from Form and it send that
> information to authenticatedCredentials, so i start like a Member.
> Now, it don´t work fine. I want to sustitute methods
> extractCredentials from credentials_cookie_auth and
> authentificatedCredentials from source_users.
> i don´t know what to do in this sense
>
OK, this is more sensible now, but why do you need your own
plugin for this? Standard CookieAuthHelper and ZODBUserManager
plugins are not enough for your use case?
Seems that your problem (that you start like a Member
but after clicking somewhere else you're unauthenticated) is
because of code in extract credentials.
What happens there? Credentials are extracted from request.
So, if you have __ac_name and __ac_password in the request you're
authentictated. When you're visiting another url, there is no __ac_name
and __ac_password in request anymore, so you become unauthenticated.
Right? So you have to store somewhere information about sucessful login.
Solution might be the code I've sent you in previous mail.
After authentication with __ac_name and __ac_password from
the request it stores data in session. Then, on another pages
session is checked for credentials and... you should be still
authenticated. Another solution is to just use CookieAuthHelper
which stores data in cookies.
This is first part. You have credentials. Second thing is to
compare them with users stored in ZODB (that what ZODBUserManager
is doing...)
--
Maciej Wisniowski
More information about the Zope
mailing list