Trees | Indices | Help |
|
---|
|
This module contains monkey patches we needed to make to PAS when we switched from native ZODB-managed authentication to pluggable authentication. This module needs to be imported by ZenUtils/__init__.py. Related tickets: http://dev.zenoss.org/trac/ticket/379 http://dev.zenoss.org/trac/ticket/402 http://dev.zenoss.org/trac/ticket/443 http://dev.zenoss.org/trac/ticket/1042 http://dev.zenoss.org/trac/ticket/4225 http://jira.zenoss.com/jira/browse/ZEN-110
|
|||
|
|||
|
|||
|
|||
|
|||
|
|
|||
pas = PluggableAuthService.PluggableAuthService
|
|||
_originalResetCredentials = pas.resetCredentials
|
|
Here is a run down of how this method is called and where it ends up returning in various login situations. Failure (admin, local, LDAP, and Active Directory) is_top=0, user_ids=[], name=login, if not is_top: return None (outside loop) is_top=1, user_ids=[], name=login, return anonymous Success (admin) is_top=0, user_ids=[], name=login, if not is_top: return (outside loop) is_top=1, user_ids=[('admin', 'admin')], name=login, if self._authorizeUser(...): return user Success (local, LDAP, and Active Directory) is_top=0, user_ids=[('username', 'username')], name=login, if self._authorizeUser(...): return user |
We don't want CookieAuthHelper setting the login attribute, we we'll override manage_afterAdd(). For now, the only thing that manage_afterAdd does is set the login_form attribute, but we will need to check this after every upgrade of the PAS. |
Set a cookie and redirect to the url that we tried to authenticate against originally. FIXME - I don't think we need this any more now that the EULA is gone -EAD |
Trees | Indices | Help |
|
---|
Generated by Epydoc 3.0.1.1812 on Mon Jul 30 17:10:54 2012 | http://epydoc.sourceforge.net |