[Twisted-Python] exceptions.TypeError: ('Could not adapt', <twisted.spread.pb._PortalAuthChallenger instance at 0x013E3760>, <InterfaceClass twisted.cred.credentials.IUsernamePassword>)
Justin Johnson
justinjohnson at gmail.com
Wed Mar 28 11:01:12 MDT 2007
Hi,
I'm running Python 2.5 and Twisted 2.5.0 on Windows 2003 Server.
I have a web site (Twisted/Nevow) where users login with a username
and password. I save the username and password once they login
because the same username and password are used to connect to various
Perspective Broker servers, and I don't want to make users
reauthenticate for every server that is connected to behind the
scenes. Since the password cannot be hashed when passed to PB I store
it in plaintext.
Up to this point I have been using a realm and file password db as
listed at the end of this email. When I recently upgraded from
Twisted 2.4.0 to 2.5.0 and from Python 2.4 to 2.5 I get the following
error.
2007/03/28 10:23 -0500 [Broker,0,IP_ADDRESS] Peer will receive
following PB traceback:
2007/03/28 10:23 -0500 [Broker,0,IP_ADDRESS] Unhandled Error
Traceback (most recent call last):
File "D:\Python25\lib\site-packages\twisted\spread\pb.py", line
847, in _recvMessage
netResult = object.remoteMessageReceived(self, message, netArgs, netKw)
File "D:\Python25\lib\site-packages\twisted\spread\flavors.py",
line 119, in remoteMessageReceived
state = method(*args, **kw)
File "D:\Python25\lib\site-packages\twisted\spread\pb.py", line
1217, in remote_respond
d = self.portalWrapper.portal.login(self, mind, IPerspective)
File "D:\Python25\lib\site-packages\twisted\cred\portal.py", line
109, in login
return maybeDeferred(c.requestAvatarId, credentials
--- <exception caught here> ---
File "D:\Python25\lib\site-packages\twisted\internet\defer.py",
line 107, in maybeDeferred
result = f(*args, **kw)
File "d:\python25\lib\site-packages\ratcontrol\login.py", line 195,
in requestAvatarId
up = credentials.IUsernamePassword(c)
exceptions.TypeError: ('Could not adapt',
<twisted.spread.pb._PortalAuthChallenger instance at 0x013E3760>,
<InterfaceClass twisted.cred.credentials.IUsernamePassword>)
2007/03/28 10:23 -0500 [Broker,client] Unhandled error in Deferred:
2007/03/28 10:23 -0500 [Broker,client] Unhandled Error
Traceback from remote host -- Traceback unavailable
I looked at the Subversion log for twisted.spread.pb.py and am not
sure what change is causing this failure. The contents of
ratcontrol\login.py are below.
Does anyone have any pointers on what I should be looking for here?
Is there any way I can accomplish my goal in a more maintainable way?
Thanks,
Justin
----------------
from twisted.cred import portal, checkers, credentials, error
from twisted.web import resource
from twisted.spread import pb
from twisted.python import log, components
from twisted.internet.defer import maybeDeferred
from twisted.internet import defer
from twisted.python import failure, reflect, components
from zope.interface import implements
from nevow import inevow
from ratcontrol.web import pages
from ratcontrol import perspectives
from ratcontrol import services
def noLogout():
return None
class RatControlRealm:
"""A simple implementor of cred's IRealm.
For web, this gives us the LoggedIn page.
For PB, this gives us a reference to the perspective.
"""
implements(portal.IRealm)
def __init__(self):
self.clients = []
self.serviceTypes = []
def addServiceType(self, serviceType):
self.serviceTypes.append(serviceType)
def requestAvatar(self, avatarIdAndPassword, mind, *interfaces):
## If the login is anonymous, only one item will be passed.
## If it is an authorized login, both the id and password
## will be passed.
if len(avatarIdAndPassword) == 2:
avatarId, avatarPassword = avatarIdAndPassword
else:
avatarId = avatarIdAndPassword
for iface in interfaces:
if iface is inevow.IResource:
if avatarId is checkers.ANONYMOUS:
resc = pages.NotLoggedIn()
return (resource.IResource, resc, noLogout)
else:
resc = pages.LoggedIn(avatarId, avatarPassword, self)
return resource.IResource, resc, noLogout
elif iface is pb.IPerspective:
if avatarId is checkers.ANONYMOUS:
return (pb.IPerspective, None, None)
else:
log.msg("User %s logged in" % avatarId)
#s = services.RatControlService()
s = services.getServiceForTypes(self.serviceTypes)
self.p = perspectives.IPerspectiveRatControl(s)
self.p.loggedIn = 1
return (pb.IPerspective, self.p, self.p.logout)
raise NotImplementedError("Can't support that interface.")
class FilePasswordDB:
"""A file-based, text-based username/password database.
Records in the datafile for this class are delimited by a particular
string. The username appears in a fixed field of the columns delimited
by this string, as does the password. Both fields are specifiable. If
the passwords are not stored plaintext, a hash function must be supplied
to convert plaintext passwords to the form stored on disk and this
CredentialsChecker will only be able to check IUsernamePassword
credentials. If the passwords are stored plaintext,
IUsernameHashedPassword credentials will be checkable as well.
"""
implements(checkers.ICredentialsChecker)
def __init__(self, filename, delim=':', usernameField=0, passwordField=1,
caseSensitive=True, hash=None):
"""
@type filename: C{str}
@param filename: The name of the file from which to read username and
password information.
@type delim: C{str}
@param delim: The field delimiter used in the file.
@type usernameField: C{int}
@param usernameField: The index of the username after splitting a
line on the delimiter.
@type caseSensitive: C{bool}
@param caseSensitive: If true, consider the case of the username when
performing a lookup. Ignore it otherwise.
@type passwordField: C{int}
@param passwordField: The index of the password after splitting a
line on the delimiter.
@type hash: Three-argument callable.
@param hash: A function used to transform the plaintext password
received over the network to a format suitable for comparison against
the version stored on disk. The arguments to the callable are the
username, the network-supplied password, and the in-file version of
the password.
"""
self.filename = filename
self.delim = delim
self.ufield = usernameField
self.pfield = passwordField
self.caseSensitive = caseSensitive
self.hash = hash
if self.hash is None:
# The passwords are stored plaintext. We can support both
# plaintext and hashed passwords received over the network.
self.credentialInterfaces = (
credentials.IUsernamePassword,
credentials.IUsernameHashedPassword
)
else:
# The passwords are hashed on disk. We can support only
# plaintext passwords received over the network.
self.credentialInterfaces = (
credentials.IUsernamePassword,
)
def _cbPasswordMatch(self, matched, usernameAndPassword):
## Return both the username and password so we can save the password
## for connecting to other services once we are authenticated on one.
if matched:
return usernameAndPassword
else:
return failure.Failure(error.UnauthorizedLogin())
def getUser(self, username):
try:
f = file(self.filename)
except:
log.err()
raise error.UnauthorizedLogin()
else:
if not self.caseSensitive:
username = username.lower()
for line in f:
line = line.rstrip()
parts = line.split(self.delim)
if self.ufield >= len(parts) or self.pfield >= len(parts):
continue
if self.caseSensitive:
if parts[self.ufield] != username:
continue
elif parts[self.ufield].lower() != username:
continue
return parts[self.ufield], parts[self.pfield]
raise KeyError(username)
def requestAvatarId(self, c):
try:
u, p = self.getUser(c.username)
except KeyError:
return failure.Failure(error.UnauthorizedLogin())
else:
up = credentials.IUsernamePassword(c)
if self.hash:
if up is not None:
h = self.hash(up.username, up.password, p)
if h == p:
return (u, p)
return failure.Failure(error.UnauthorizedLogin())
else:
## Note that we pass both the username and the password
return defer.maybeDeferred(c.checkPassword, p
).addCallback(self._cbPasswordMatch, (u,p))
More information about the Twisted-Python
mailing list