[Twisted-Python] authentication problem

Frédéric Gobry frederic.gobry at epfl.ch
Wed Jul 28 11:40:07 EDT 2004


> >    def requestAvatar (self, avatarId, mind, *interfaces):
> >        if User not in interfaces:
> >            raise NotImplementedError ("no supported interface")
> 
>   You almost certainly wanted "pb.IPerspective" above, not "User".

Right, I changed that in the meantime (this was a leftover of older
code)

>   The exception given was that no checker was registered to handle =
> IJellyable, IUsernameHashedPassword, IUsernameMD5Password, or =
> ICredentials.  This is accurate.  When given an argument for hash, =
> checkers.FilePasswordDB is a checker _only_ for IUsernamePassword.  It =
> cannot authenticate for a PB connection, which uses an MD5-hashed password.

This is what I feared from the error message.

>   A checker that will work with PB must be a checker for =
> IUsernamePassword, which means storing unhashed passwords on your =
> server.  They can still be encrypted, if you like, but you must reverse =
> the encryption before the credentials can be checked.
>   If storing hashed passwords is a requirement, you can write your own =
> authentication mechanism on top of PB and ignore the built-in version. =
> Unless you are somewhat familiar with the ins and outs of =
> authentication, I recommend against.

Well, regarding the use of crypted file, I don't like the idea of having
to type in a password before starting the server, so I think I'll make
the assumption that the local system is safe, and go without it. 

Thanks for pointing out the problems in my code.

Frédéric

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://twistedmatrix.com/pipermail/twisted-python/attachments/20040728/ec6221c9/attachment.pgp 


More information about the Twisted-Python mailing list