[Twisted-Python] authentication problem
Frédéric Gobry
frederic.gobry at epfl.ch
Wed Jul 28 11:40:07 EDT 2004
> > def requestAvatar (self, avatarId, mind, *interfaces):
> > if User not in interfaces:
> > raise NotImplementedError ("no supported interface")
>
> You almost certainly wanted "pb.IPerspective" above, not "User".
Right, I changed that in the meantime (this was a leftover of older
code)
> The exception given was that no checker was registered to handle =
> IJellyable, IUsernameHashedPassword, IUsernameMD5Password, or =
> ICredentials. This is accurate. When given an argument for hash, =
> checkers.FilePasswordDB is a checker _only_ for IUsernamePassword. It =
> cannot authenticate for a PB connection, which uses an MD5-hashed password.
This is what I feared from the error message.
> A checker that will work with PB must be a checker for =
> IUsernamePassword, which means storing unhashed passwords on your =
> server. They can still be encrypted, if you like, but you must reverse =
> the encryption before the credentials can be checked.
> If storing hashed passwords is a requirement, you can write your own =
> authentication mechanism on top of PB and ignore the built-in version. =
> Unless you are somewhat familiar with the ins and outs of =
> authentication, I recommend against.
Well, regarding the use of crypted file, I don't like the idea of having
to type in a password before starting the server, so I think I'll make
the assumption that the local system is safe, and go without it.
Thanks for pointing out the problems in my code.
Frédéric
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://twistedmatrix.com/pipermail/twisted-python/attachments/20040728/ec6221c9/attachment.pgp
More information about the Twisted-Python
mailing list