Re: [W3af-develop] [W3af-svn-notify] SF.net SVN: w3af:[4444] branches/auth-plugins

Mon, 17 Oct 2011 05:26:47 -0700 

Dsimonov,

    I would add something similar to this:

                        for plugin in self._plugins['auth']:
                            plugin.userLogin( self.uriOpener )

    To the audit section of w3afCore, but in that section, instead of
those two lines I would do something like:

                        for plugin in self._plugins['auth']:
                            if not plugin.isUserLogged():
                                plugin.userLogin( self.uriOpener )

    Also, I wouldn't pass uriOpener as a parameter for userLogin() , I
recommend setting it as an attribute of the plugin (similar to what's
done in audit and discovery plugins).

Regards,

On Mon, Oct 17, 2011 at 2:32 AM,  <dsimo...@users.sourceforge.net> wrote:
> Revision: 4444
>          http://w3af.svn.sourceforge.net/w3af/?rev=4444&view=rev
> Author:   dsimonov
> Date:     2011-10-17 05:32:59 +0000 (Mon, 17 Oct 2011)
> Log Message:
> -----------
> Base auth plugins
>
> Modified Paths:
> --------------
>    branches/auth-plugins/core/controllers/w3afCore.py
>
> Added Paths:
> -----------
>    branches/auth-plugins/core/controllers/basePlugin/baseAuthPlugin.py
>    branches/auth-plugins/plugins/auth/
>    branches/auth-plugins/plugins/auth/__init__.py
>    branches/auth-plugins/plugins/auth/yandex.py
>
> This was sent by the SourceForge.net collaborative development platform, the 
> world's largest Open Source development site.
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2d-oct
> _______________________________________________
> W3af-svn-notify mailing list
> w3af-svn-not...@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-svn-notify
>



-- 
Andrés Riancho
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at w3af

------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop

Reply via email to