[Twisted-Python] XMLRPC Authentication

Itamar Shtull-Trauring itamar at itamarst.org
Sat Jun 7 19:54:03 EDT 2003

On Sat, 7 Jun 2003 17:50:59 -0600
Andrew Dalke <dalke at dalkescientific.com> wrote:

> I prefer the latter.  I would do it by having a wrapper object around
> the resource, which does the HTTP authentication and passes 
> authenticated
> requests to the actual resource.  Looking at the code, the code that's
> the closest fit is 'twisted.web.guard.ResourceGuard', but this doesn't
> seem to work right.  I can't figure out how it validates the user 
> because
> the render method doesn't do anything with variables which look like
> it might validate username/password information.

guard is for form-based session authentication. For HTTP auth you just
need to do request.getUser() and request.getPassword() or some similarly
named methods (and send back appropriate HTTP response code for
unauthenticated if they're None).

Itamar Shtull-Trauring    http://itamarst.org/
http://www.zoteca.com -- Python & Twisted consulting

More information about the Twisted-Python mailing list