Back to index

plone3  3.1.7
crumbler.py
Go to the documentation of this file.
00001 ##############################################################################
00002 #
00003 # PlonePAS - Adapt PluggableAuthService for use in Plone
00004 # Copyright (C) 2005 Enfold Systems
00005 #
00006 # This software is subject to the provisions of the Zope Public License,
00007 # Version 2.1 (ZPL).  A copy of the ZPL should accompany this
00008 # distribution.
00009 # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
00010 # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
00011 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
00012 # FOR A PARTICULAR PURPOSE.
00013 #
00014 ##############################################################################
00015 """ Class: CookieCrumblingPlugin
00016 
00017 Acts as auth plugin, but injects cookie form credentials as HTTPBasicAuth.
00018 This allows form logins to fall through to parent user folders.
00019 
00020 """
00021 from Acquisition import aq_base
00022 from AccessControl.SecurityInfo import ClassSecurityInfo
00023 from Globals import InitializeClass, DTMLFile
00024 from OFS.Folder import Folder
00025 
00026 from Products.PluggableAuthService.utils import classImplements
00027 from Products.PluggableAuthService.plugins.BasePlugin import BasePlugin
00028 from Products.PluggableAuthService.interfaces.plugins import IExtractionPlugin
00029 
00030 from Products.CMFCore.CookieCrumbler import manage_addCC
00031 
00032 CC_ID = 'cookie_auth'
00033 
00034 def manage_addCookieCrumblingPlugin(self, id, title='',
00035                                           RESPONSE=None, **kw):
00036     """
00037     Create an instance of a cookie crumbling plugin.
00038     """
00039     self = self.this()
00040 
00041     o = CookieCrumblingPlugin(id, title, **kw)
00042     self._setObject(o.getId(), o)
00043     o = getattr(aq_base(self), id)
00044 
00045     manage_addCC(o, CC_ID)
00046 
00047     if RESPONSE is not None:
00048         RESPONSE.redirect('manage_workspace')
00049 
00050 manage_addCookieCrumblingPluginForm = DTMLFile("../zmi/CookieCrumblingPluginForm", globals())
00051 
00052 class CookieCrumblingPlugin(Folder, BasePlugin):
00053     """Multi-plugin for injecting HTTP Basic Authentication
00054     credentials from form credentials.
00055     """
00056     meta_type = 'Cookie Crumbling Plugin'
00057 
00058     security = ClassSecurityInfo()
00059 
00060     def __init__(self, id, title=None):
00061         self._setId(id)
00062         self.title = title
00063 
00064     def _getCC(self):
00065         return getattr(aq_base(self), CC_ID, None)
00066 
00067     security.declarePrivate('extractCredentials')
00068     def extractCredentials(self, request):
00069         """ Extract basic auth credentials from 'request'.
00070         """
00071 
00072         try:
00073             self._getCC().modifyRequest(request, request.RESPONSE)
00074 
00075         except Exception, e:
00076             import logging
00077             logger = logging.getLogger('Plone')
00078             logger.error("PlonePAS error: %s", e, exc_info=1)
00079 
00080         return {}
00081 
00082 classImplements(CookieCrumblingPlugin,
00083                 IExtractionPlugin)
00084 
00085 InitializeClass(CookieCrumblingPlugin)