[Twisted-Python] XMLRPC Authentication

Itamar Shtull-Trauring itamar at itamarst.org
Sat Jun 7 19:00:38 MDT 2003


On Sat, 7 Jun 2003 18:55:35 -0600
Andrew Dalke <dalke at dalkescientific.com> wrote:

> Is "cred" the standard authentication mechanism for Twisted?  That
> is, if I want to do HTTP auth for XML-RPC shouldn't I hook into the
> cred system?  (Don't know myself - haven't gotten to that part of
> Twisted yet.)

As with most high-level libraries in twisted, it's totally optional. It
does give you a nice pluggable backend, so you can use same auth
database for all Twisted apps. That's the theory. It might even be true
if we manage to rewrite cred this month :)

> And if that's the case, couldn't the functionality you mentioned
> all be implemented in a class which is a wrapper to the corresponding
> resource, rather than having Justin Johnson and I both reimplement
> that same functionality?

I haven't needed one of these, neither have other Twisted developers
apparently. Thus, no code for it.

> And if it were available as a standard class for Twisted, wouldn't
> twisted.web.guard.ResourceGuard be a good place for it?  ;)

No, like I said, that does form based authentication. You'd want a
twisted.web.fuard.HTTPAuthResourceGuard. If you write one and contribute
it we can include it.

-- 
Itamar Shtull-Trauring    http://itamarst.org/
http://www.zoteca.com -- Python & Twisted consulting




More information about the Twisted-Python mailing list