[Twisted-Python] Cred question
konrads at smelkovs.com
Thu Aug 5 12:45:13 EDT 2010
i guess he wants admin to 1) impersonate another user, akin to su -u
anotheruser and 2) also to drop that user's session.
For 1) you'd have to set the avatar to the user's id (or at
application level implement something like effective uid). For 2)
you'd have to iterate over all active sessions and terminate the one
2010/8/5, exarkun at twistedmatrix.com <exarkun at twistedmatrix.com>:
> On 4 Aug, 02:20 am, ssoni at nextdigital.com wrote:
>>I am using Cred authentication system in my Nevow based web
>>Admin user can see list of all users from admin interface of the
>>Now, admin user wants to do following things:
>>1. Automatically login as other user
>>2. Induce logout to already logged in user.
>>Q1. Since, admin user itself used cred authentication to login in first
>>place, how do we do automatic login as different user programmatically
>>or logout already logged in other user?
> I'm not sure what you're asking here. Perhaps the answer is to call
> your realm's requestAvatar method with the avatarId of the admin user?
> As far as logging out a user, that basically means dropping their
>>I tried to redirect my application to
>>/__login__/?username=otherusername&password=itspassword and it went
>>through Cred system, but I believe, since previous session was active
>>as well, it triggered logout.
>>Q2. Does cred allow multiple login sessions in same browser? So, that
>>admin user can maintain its own session and login into other user as
> nevow.guard is cookie-based. There's no way to have multiple
> authentication cookies inside a single browser instance, as far as I
> Twisted-Python mailing list
> Twisted-Python at twistedmatrix.com
Nosūtīts no manas mobilās ierīces
Applied IT sorcery.
More information about the Twisted-Python