> i did it, but it donĀ“t work,
Because this code has no sense this way.
You're just storing and retrieving data from session.
What do you suppose this will do...
Try something like:
def extractCredentials(self, request):
creds = {}
session = self.REQUEST.SESSION
creds = session.get('_key', None)
if creds:
return creds
login = request.get('__ac_name', '')
if login:
# Look in the request for the names coming from the login form
login = request.get('__ac_name', '')
password = request.get('__ac_password', '')
if login:
creds['login'] = login
creds['password'] = password
if creds:
creds['remote_host'] = request.get('REMOTE_HOST', '')
try:
creds['remote_address'] = request.getClientAddr()
except AttributeError:
creds['remote_address'] = request.get('REMOTE_ADDR', '')
session.set('_key', creds)
return creds
return None
You should use protected class (like in CAS4PAS) to store credentials
in session. Also you should think how it is supposed to work and what
should be done in extractCredentials and what in authenticateCredentials
functions, etc.
So far this code checks if there is object in session and if so then it
extracts
credentials from this object, if no, then it tries to extract credentials
from request.
You should now validate these credentials with something (eg. RDBMS),
possibly in authenticateCredentials function.
--
Maciej Wisniowski
_______________________________________________
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
