On 06/21/2010 05:32 PM, Noah Kantrowitz wrote:
> > You are probably going to want to subclass the normal LoginModule
which has
> > a cookie-based session system in it. It normally only checks the
HTTP creds
> > when you go to /login, after which point it creates a session token and
> > hands it to you in a cookie.
> >
> > --Noah
> >
I guess I could have included that context:
class ATTLoginModule(LoginModule):
"""An AT&T SingleSignOn-based login module."""
logonServer = Option('ATTSingleSignOn', 'logonServer',
doc='URL for single sign on server server')
login_path = Option('ATTSingleSignOn', 'login_path', default='/login',
doc='Path component for the login system')
logout_path = Option('ATTSingleSignOn', 'logout_path',
default='/logout',doc='Path component for the logout system')
validate_path = Option('ATTSingleSignOn', 'validate_path',
default='/validate', doc='Path component for the validation system')
secureCookie = Option('ATTSingleSignOn', 'secureCookie',
doc='name of cookie that holds the user info')
# IAuthenticatorMethods
def authenticate(self, req):
if not req.incookie.has_key(self.secureCookie):
#after central login you will be bounced back here
req.redirect(self.logonServer + req.abs_href.login())
return 'anonymous'
else:
username=self.decrypt(req.incookie[self.secureCookie])
if username == "":
#expired cookie most likely
req.redirect(self.logonServer + req.abs_href.login())
return 'anonymous'
return username
--
You received this message because you are subscribed to the Google Groups "Trac
Development" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/trac-dev?hl=en.
