[Twisted-Python] Re: cred? spread? (was: In Defense of Taps)

Wed Feb 12 21:58:02 EST 2003

I'm gonna blurt out some information, and then run off to get some
food.  But someone (possibly me) should remember to follow up on this by
figuring out if this information is already in some document somewhere,
and if not, where it should be, and how to integrate it there. 
(Candidates include package/module docstrings, documents we seem to be
calling "howtos", the "Dot Products" section of the website, or
someplace else.)

I will target the specific questions you have asked in a high-level
fashion, this information does not take the place of the excellent
detailed documents in the "howto" directory on PB by Brian Warner and
others.

On Wed, 2003-02-12 at 14:43, screwtape at froup.com wrote:
>  - cred: Apparently this is something I need to get Right for PB to
>    work, but I'm not sure what it does. I'd have expected it to be
>    something like PAM for Linux - give it a name and password, and get
>    back 'allow' or 'deny' - but it seems this is not the case.

twisted.cred is a framework for the abstract ideas of "there are some
people and some services and some of the people access some of the
services."  There's Authorizer, that's the part to which you give a name
and a password.  It gives you back an Identity (or 'deny').  An Identity
holds a keyring.  If a person wants to access a Service but they don't
have a match on their keyring, they get 'deny'.  Otherwise, they get a
Perspective on that Service.  (The Perspective is for holding data that
overlaps between the Identity and the Service; you don't want to clutter
an Identity with data from every Service.)

>  - spread: I understand banana and jelly, but PB surpasses me. I don't
>    have a clear mental picture of how information flows between the
>    two processes. I'm looking for an API that resembles 'connect to
>    this server, tell me what objects there I can talk to', but I'm not
>    finding it.

"connect to this server" is well-documented, but I'll address "tell me
what objects[...]".  Assuming you use the standard usage of PB and cred
(using pb.IdentityConnector), you get back a reference to one object
upon connecting: Your Perspective (on the Service you asked to connect
to).  You may call methods that follow a certain naming convention on
that perspective (see the pb.Perspective API docs), which may return
references to other Referenceable objects.  

To the best of my knowledge, there are currently no facilities for
introspection across PB, so there's no built-in way to say "what remote
methods can I call on this object," nor is there even a "what services
are available", one of which would be the close analog to your "what
objects can I talk to" question.

Okay, dinnertime!

 - Kevin

-- 
The moon is waxing gibbous, 80.3% illuminated, 10.4 days old.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://twistedmatrix.com/pipermail/twisted-python/attachments/20030212/4e2264ad/attachment.pgp 