Hm, I would prefer to avoid that.<div><br></div><div>In my case, the cost of creating a new Resource is high (since it needs to parse all the URLs it can dispatch to for all the REST services), therefore I would prefer to cache a single ReadOnlyResource vs AdminResource (as an example)</div>
<div>and just serve one or the other.</div><div><br></div><div>I guess that doesn't fit into the typical Twisted model that well :-(</div><div>Is there some sort of "post authentication" hook that I could listen to?</div>
<div><br></div><div>Jacek<br><br><div class="gmail_quote">On Mon, Mar 5, 2012 at 10:09 AM, <span dir="ltr"><<a href="mailto:exarkun@twistedmatrix.com">exarkun@twistedmatrix.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">On 02:58 pm, <a href="mailto:jacek99@gmail.com">jacek99@gmail.com</a> wrote:<br>
>Hi, I have an extra question going back to our original discussion on<br>
>security.<br>
><br>
>If I serve a Resource Avatar from a Realm, is there any built-in way to<br>
>attach something to the request as it is being intercepted by the<br>
>Realm?<br>
><br>
>For example, for every request I would like to create a Principal<br>
>object<br>
>(username,first name,last name, list of privileges, etc.) and attach it<br>
>to<br>
>every request that has been authenticated.<br>
>> From the API I see, it seems you can serve a customized Resource (and<br>
>>that<br>
>is fine for simpler admin vs read-only authentication schemes), but in<br>
>some<br>
>cases you need really fine-grained APIs<br>
<br>
</div>It's actually fine for all cases, since it lets you do anything you<br>
want. For example, make the principal an argument to your custom<br>
Resource, save it as an attribute, and use it to make future access<br>
control decisions.<br>
<br>
Jean-Paul<br>
<div class="im HOEnZb">>(where a decorator per each REST method may be the only option), so it<br>
>would be good for every request to be linked with the Principal that<br>
>represents the user making the request.<br>
><br>
>Thanks for any suggestions<br>
>Jacek<br>
<br>
</div><div class="HOEnZb"><div class="h5">_______________________________________________<br>
Twisted-web mailing list<br>
<a href="mailto:Twisted-web@twistedmatrix.com">Twisted-web@twistedmatrix.com</a><br>
<a href="http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web" target="_blank">http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web</a><br>
</div></div></blockquote></div><br></div>