[Zope3-Users] Still trying to figure out PAU

Florian Lindner mailinglists at xgm.de
Thu Feb 2 16:41:52 EST 2006


Hello,
I'm still desperately trying to figure out the PluggableAuthentication.

I perform the following steps:

1) Create an instance of my folderish, possible site (named A), content 
object.

2) I create a site in it.

3) I add a PAU in the default software space

4) I add a SessionCredentialsPlugin and a PrincipalFolder as plugins.

5) I create a internal principal with "Title" = "zope.Manager" (tried also 
other ones). name = abc

6) In the SessionCredentialsPlugin I leave to "loginForm.html". I've a 
loginForm.html view in my A-object)

7) I register all components (SessionCreadentiasPlugin, PrincipalFolder and 
PAU)

8) Now I access a view obect A-object that requires certain permissions that 
which the role of abc have.

9) I get redirected to the loginForm.html I've defined.

10) I provide the user credentials of testuser.

11) I've set a breakpoint in 
zope/app/authentication/principalfolder.py(274)authenticateCredentials()

The credentials are extracted correctly:

(Pdb) credentials
{'login': u'abc', 'password': u'123'}

The password check also validates: it executes that line:

284 return PrincipalInfo(self.prefix + id, internal.login, internal.title,
285                                  internal.description)

But now the authenticateCredentials function is called a second time with 
empty credentials which of course makes it return None.


12) I'm redirected to the loginForm.html again, though the loginForm.html form 
header is like <form method="post" enctype="multipart/form-data"
              action="http://URL from cameform"

13) The ErrorReportingUtility show two unauthorized execeptions.

The first one with User: unauthenticated, zope.anybody, Unauthenticated User,

The second one with User: unauthenticated, cs1, CS.User,
(cs is my prefix, CS.User one of the roles I tried)

Whis is ok IMO, since the first call is made without authorization. By why 
does if fail at the second time.

Hope somebody can englight me...

Thanks,

Florian


More information about the Zope3-users mailing list