I've been mucking around with writing an IAuthenticator class. The only
method I have to supply is "authenticate" Within our corporate
environment we use a "common logon" system that sets an encrypted cookie
in the users browser. Our systems then grab said cookie and decrypt
using the public key which let's us know who the user is. I've been able
to write "authenticate" but I'm a bit curious as to why it is called so
many times and whether or not there is a way to authenticate for an
entire active session. I don't want to waste CPU decrypting the cookie
each time the user navigates to a new page. Here's the code snippet:
def authenticate(self, req):
if not req.incookie.has_key(self.secureCookie):
#after central login you will be bounced back here
req.redirect(self.logonServer + req.abs_href.login())
return 'anonymous'
else:
username=self.decrypt(req.incookie[self.secureCookie])
if username == "":
#expired cookie most likely
req.redirect(self.logonServer + req.abs_href.login())
return 'anonymous'
return username
I tried to check to see if "authname" was set but that seems to cause
infinite recursion. Ideally a session variable would store the
authenticated name the first time it was called and authenticate would
not be called anymore. Trac may not have done it this way because using
htpasswd always sends the authentication data with each page browse.
ASE
--
You received this message because you are subscribed to the Google Groups "Trac
Development" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/trac-dev?hl=en.
