[Twisted-Python] Something strange about cred
exarkun at divmod.com
Thu Feb 8 11:04:21 EST 2007
On Thu, 08 Feb 2007 10:16:51 -0500, Stephen Waterbury <stephen.c.waterbury at nasa.gov> wrote:
>Here's a simple self-contained example of a database
>checker that's essentially identical to the one I
>use with my code which works with web but not with the web2
>auth example (i.e., httpauth.tac). Perhaps someone familiar
>with cred and web2 could suggest how I might fix it?
>The only changes needed to make the web2 auth example
>use DbChecker instead of InMemoryUsernamePasswordDatabaseDontUse
>are (1) apply attached patch to httpauth.py, (2) drop dbchecker.py
>into the same directory. The test_dbchecker.py script is just
>a simple test to show that DbChecker returns an AvatarId
>when given a credential with correct username and password
>TIA for any help with this.
Aside from the cred questions/issues you raised in the first email
(some of which I think are valid), I think the main problem you're
running into is that HTTP digest authentication is being used, but
the checker you wrote can't handle this: digest auth requires that
the checker be able to handle IUsernameHashedPassword credentials,
which yours doesn't.
The reporting for this case could probably be improved. If there is
no checker registered which can handle the kind of credentials being
used, it's probably a programming error, and the programmer should be
told about it.
More information about the Twisted-Python