Questions tagged [repoze.who]

repoze.who is an identification and authentication framework for arbitrary WSGI applications. It can be used as WSGI middleware, or as an API from within a WSGI application.

repoze.who is inspired by Zope 2’s Pluggable Authentication Service (PAS) (but repoze.who is not dependent on Zope in any way; it is useful for any WSGI application). It provides no facility for authorization (ensuring whether a user can or cannot perform the operation implied by the request). This is considered to be the domain of the WSGI application.

It attempts to reuse implementations from paste.auth for some of its functionality.

20 questions

votes

2 answers

How to access Pylons config from a repoze.who authenticator

I'm trying to access the Pylons configuration from inside a repoze.who "authenticator".. I'm using from pylons import config, but it looks like it returns a configuration with default values, not the ones from production.ini.. What am I missing?

pylons repoze.who

asked Jan 27 '11 at 11:26

Joril

19,961
13
71
88

votes

1 answer

How do I use repoze.who/repoze.what with SPNEGO?

I'm trying to do single sign-on (SSO) with an intranet web application written in Pylons and I'd like to use repoze.what for authorization. I have Apache configured with mod_sspi and it correctly authenticates the user and sets the REMOTE_USER…

python pylons repoze.who

asked Jul 14 '10 at 00:25

Neil Williams

12,318
4
43
40

votes

1 answer

How to transfer url parameters to repoze custom predicate checkers

I would like to create a repoze custom predicate checker that is capable to access url parameters and validate something. But I would like to use allow_only to set this permission checker in all the controller's scope. Something like: class…

python authentication permissions turbogears2 repoze.who

asked Jun 17 '10 at 18:44

bluefoot

10,220
11
43
56

votes

1 answer

Handle incorrect user/password repoze.who gracefully in Python/Pylons

im using FriendlyFormPlugin, but would like to retrieve the username that was input as part of the request.params, but its no longer there when i check. this way i can set the default for username if the password is incorrect. thanks

python pylons repoze.who

asked Apr 16 '10 at 22:13

Timmy

12,468
20
77
107

votes

1 answer

Remove all user's cookies/sessions when password is reset

I'm interested in improving security of my TurboGears 2.2 application so that when user changes his password, it logs him out from all sessions and he must login again. The goal is when user changes password on browser 1, he must relogin on browser…

python turbogears repoze.who

asked Nov 04 '12 at 22:57

Juraj

Prev 1