[Twisted-Python] XMLRPC Authentication
Itamar Shtull-Trauring
itamar at itamarst.org
Sat Jun 7 17:54:03 MDT 2003
On Sat, 7 Jun 2003 17:50:59 -0600
Andrew Dalke <dalke at dalkescientific.com> wrote:
> I prefer the latter. I would do it by having a wrapper object around
> the resource, which does the HTTP authentication and passes
> authenticated
> requests to the actual resource. Looking at the code, the code that's
> the closest fit is 'twisted.web.guard.ResourceGuard', but this doesn't
> seem to work right. I can't figure out how it validates the user
> because
> the render method doesn't do anything with variables which look like
> it might validate username/password information.
guard is for form-based session authentication. For HTTP auth you just
need to do request.getUser() and request.getPassword() or some similarly
named methods (and send back appropriate HTTP response code for
unauthenticated if they're None).
--
Itamar Shtull-Trauring http://itamarst.org/
http://www.zoteca.com -- Python & Twisted consulting
More information about the Twisted-Python
mailing list