[Twisted-Python] Authentication & Access Control system for web services

Allen Bierbaum abierbaum at gmail.com
Mon Mar 7 08:19:07 MST 2011


I have a REST service I have implemented using twisted.web.  Based
upon a new requirement I need to put role-based access control
security on the service and am trying to find the most twisted way to
do it.

I would like to have:
- Username / password login that is checked against a backend database
- Roles and associated privileges associated with each user
- Administration interface to edit users, roles, and privileges
- "Simple" way to configure the access control requirements on the
services. (ex: which services need which roles)

Before I role my own code I wanted to check and see if there are any
addons for this or if anyone else had attacked this problem with
twisted and had some open source code I could look at.

I have found a couple of projects for WSGI that I may try to pull
ideas from, but I haven't yet found anything that uses the twisted
resource model.  (http://authkit.org/,
http://docs.repoze.org/who/2.0/)

Any pointers to twisted projects I could leverage?

-Allen




More information about the Twisted-Python mailing list