[Twisted-Python] XMLRPC Authentication

Andrew Dalke dalke at dalkescientific.com
Sat Jun 7 18:55:35 MDT 2003


Itamar Shtull-Trauring:
> guard is for form-based session authentication. For HTTP auth you just
> need to do request.getUser() and request.getPassword() or some 
> similarly
> named methods (and send back appropriate HTTP response code for
> unauthenticated if they're None).

Ahhh, okay.  I saw the docstring which said "Cred integration for 
twisted.web"
and assumed it was used for any cred use related to twisted.web.

Is "cred" the standard authentication mechanism for Twisted?  That
is, if I want to do HTTP auth for XML-RPC shouldn't I hook into the
cred system?  (Don't know myself - haven't gotten to that part of
Twisted yet.)

And if that's the case, couldn't the functionality you mentioned
all be implemented in a class which is a wrapper to the corresponding
resource, rather than having Justin Johnson and I both reimplement that
same functionality?

And if it were available as a standard class for Twisted, wouldn't
twisted.web.guard.ResourceGuard be a good place for it?  ;)

					Andrew
					dalke at dalkescientific.com





More information about the Twisted-Python mailing list