[Zope-PTK] Re: [Zope-dev] Membership and Local Roles :: ASPN Mail Archive

Recent Messages
List Archives
About the List
List Leaders
Subscription Options

View Subscriptions
Help

View by Topic
ActiveState
.NET Framework
Open Source
Perl
PHP
Python
Tcl
Web Services
XML & XSLT

View by Category
Database
General
SOAP
System Administration
Tools
User Interfaces
Web Programming
XML Programming

MyASPN >> Mail Archive >> zope-cmf

zope-cmf

[Zope-PTK] Re: [Zope-dev] Membership and Local Roles
by Michael Bernstein other posts by this author
Sep 23 2000 9:33AM messages near this date

Re: [Zope-PTK] Resource name incorrectly reproduced | [Zope-PTK] Re: [Zope-dev] Membership and Local Roles

Michael Bernstein wrote:
>  
>  Michael Bernstein wrote:
>  >
>  > I figured out how to get this to work (finally).
>  >
>  > In the acl_users LM, add the following two Python methods:
>  
>  Well, I discovered another problem:
>  
>  For some reason, when I create a PortalMembership member, add the two
>  Python methods as I described earlier, and use the local roles screen to
>  give them a role, they are subsequently authenticated regardless of
>  whether their password is correct.
>  
>  Here's an example illustrating the bug:
>  
>  [snip example]

This password problem is fixed with Bill Andersons new
release of Membership 0.7.6, so the local roles fix now
works generally.

There is still a platform dependent password problem with
Membership though. It affects Solaris and HPUX (possibly
other unices) but not Linux, and has to do with the crypt
module not being loaded correctly on those platforms,
causing passwords to be encrypted omly part of the time.

Here is the fix for local roles:

First, the User Source needs to support a getUserNames
method. This can be done two ways:

You can add a Python method to the LoginManager named
getUserNames that takes a 'self' parameter, and has the
following body:

 user_ids=self.UserSource.getPersistentItemIDs()

 names=[]
 for i in user_ids:
     names.append(i)
 return names

Or you can add the following code directly to the
PersistentUserSource.py file, preferably right befor or
after the getUsers method:

    def getUserNames(self):
        user_ids=self.getPersistentItemIDs()
        names=[]
        for i in user_ids:
            names.append(i)
        return names

(I hope this will get included in future versions of
Membership)

Next we need to provide a user_names method in the
LoginManager. Currently I only have a Python method to drop
in to the LM. it takes a 'self' parameter, and has the
following body if it's calling another Python method:

return self.getUserNames()

Or if you're calling the method in PersistentUserSource.py,
it has this body:

return self.UserSource.getUserNames()

Note that this user_names method has some disadvantages, and
it needs to be generalized to deal with multiple User
Sources that aren't all named UserSource, and that may not
all implement the getUserNames interface, and that may have
duplicate user names in them.

Suggestions on how to do this would be welcome.

I hope that this little set of instructions helps others who
are trying to integrate LM with the existing security
interface and local roles.

Comments, testing, and improvements would be welcomed.

HTH,

Michael Bernstein.

Thread:

Michael Bernstein

Steve Alexander

Bill Anderson

Michael Bernstein