[Twisted-web] XMLRPC and sessions

Rob McMillen rob at securecognition.com
Tue Dec 27 23:04:01 MST 2005

I am trying to build an XMLRPC server that utilizes sessions to keep
track of authenticated users.  However, I have not been able to find
too much on session management and the only way I have figured out how
to get at the site from within the XMLRPC server is by overriding the
render method.  Is this the proper way?  Are there other ways to do
it?  I am currently thinking about adding a mechanism to store the uid
and time in a db.

Any help would be great!


class Handler(xmlrpc.XMLRPC):
   def __init__(self, cmd_schema, cmd_xml):
      log.msg("Using %s and %s to configure api" % (cmd_schema, cmd_xml))
      self.api = API(cmd_schema, cmd_xml)

      log.msg("Preparing authentication mechanism")
      self.creds = Creds()

      log.msg("Preparing role mechanism")
      self.roles = Roles()

   def render(self, request):
      s = request.site.makeSession()
      print s.uid
      return xmlrpc.XMLRPC.render(self, request)

   def xmlrpc_login(self, user, password):
      return self.creds.authenticate(user, password).addErrback(

if __name__ == "__main__":
   import sys
   from twisted.internet import reactor
   from twisted.python import log


   site = server.Site(Handler('conf/api.xsd', 'conf/api.xml'))
   reactor.listenSSL(8000, site, ServerContextFactory('etc/host.pem',

More information about the Twisted-web mailing list