[Webware-discuss] authorization question

Wed, 09 Mar 2005 13:40:52 -0800 

Hi,

I'm trying to figure out how to get form-based authentication working
with cheetah templates.  What I've got so far:

A static login form that posts to LoginServlet.py, which validates the
username/password  and sets a number of WebKit session variables.

I have a test servlet called ("Test") that extends "Secure", and
writes some basic output with .writeContent()

"Secure" is a subclass of WebKit.Page.Page that overrides .awake() and
checks to make sure the session is valid and that the sessionid is
coming from the correct IP address.

This all works as I hoped... if you call http://localhost/WK/Test with
your session properly setup, you get the output of
Test.writeContent().  If you call it without a proper session, you get
redirected to the login page.

But I can't figure out how to get this working for my compiled cheetah
templates.  I've got a cheetah template compiled into a servlet,
home.py.  The template:

#extends Secure
#implements respond
< some simple output >

When I try to access /WK/home with a valid session I get the following
exception:
Traceback (most recent call last):
  File "/root/src/Webware-0.8.1/WebKit/Application.py", line 415, in
dispatchRequest
    self.handleGoodURL(transaction)
  File "/root/src/Webware-0.8.1/WebKit/Application.py", line 567, in
handleGoodURL
    self.respond(transaction)
  File "/root/src/Webware-0.8.1/WebKit/Application.py", line 776, in respond
    transaction.respond()
  File "/root/src/Webware-0.8.1/WebKit/Transaction.py", line 105, in respond
    self._servlet.respond(self)
  File "/root/garden/garden-webkit/home.py", line 82, in respond
    SL = self._searchList
AttributeError: home instance has no attribute '_searchList'

Here is my Secure class (Secure.py):

from WebKit.Page import Page

class Secure(Page):
    def __init__(self):
        Page.__init__(self)

    def awake(self, trans): 
        Page.awake(self,trans)
        res = trans.response()
        req = trans.request()
        sess = trans.session()
        if sess.hasValue('raddr') and \
            sess.hasValue('authenticated') and \
            req._environ['REMOTE_ADDR'] == sess.value('raddr') and \
            sess.value('authenticated') == True:
            return  
        else:   
            res.sendRedirect('login')
            return

Am I missing something?

Thanks!

-Jacob


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Webware-discuss mailing list
Webware-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/webware-discuss

Reply via email to