[Twisted-Python] Any examples of an authenticating XMLRPC server?
Mike C. Fletcher
mcfletch at rogers.com
Mon Feb 28 14:15:56 EST 2005
Stephen Waterbury wrote:
...
> Critiques or razberries welcomed, as long as they're
> constructive razberries! :)
This is extremely illuminating. The key approach/idea that I was
missing is this:
You can create a root web.resource.Resource() and add a child ""
that handles all URLs not otherwise matched by a known child.
This "" child handles the common web-browser case, basically
anything not going to your "special" directories. This child is
the protected Nevow portal that we all know and love; on
attempting to walk into it all the Nevow machinery should trigger.
Now you register your Basic-Auth-protected XMLRPC/SOAP portals
as parallel children of the Nevow portal, "RPC" and "SOAP".
These are again, portals, so they do their own credential
checking, thus don't *necessarily* have to use the same cred
mechanism, but can if they want to.
This doesn't actually do what I was *trying* to do, which was to make it
possible to log into the main site using Basic auth *or* the Nevow web
forms, but it handles what we actually need to do perfectly, so I can
just stop trying to do what I was trying to do :) . I'm about to sit
down to implement this approach for our system.
Much obliged,
Mike
________________________________________________
Mike C. Fletcher
Designer, VR Plumber, Coder
http://www.vrplumber.com
http://blog.vrplumber.com
PyCon is coming...
More information about the Twisted-Python
mailing list