On 11:31 am, [email protected] wrote: >Hi, > >I need a perspective broker with authentification and followed the >Twisted >documentation on >http://twistedmatrix.com/documents/current/core/howto/tap.html#auto4 to >get >the twistd plugin to work. Now I want to make it work with the >/etc/shadow, >but don't know how to get it to work.
The /etc/shadow cred plugin supports checking IUsernamePassword credentials. PBServerFactory creates protocol instances that only know how to check IUsernameHashedPassword, IUsernameMD5Password, and IAnonymous credentials, though. So no clients will be able to authenticate with this configuration. You can add support for new credentials types to your PB server by creating the PBServerFactory with an IPBRoot provider that returns a root object (typically a Referenceable instance) with a "remote_login" method - or any other method that you make your PBClientFactory's login method call with credentials information. The most straightforward thing to implement would be simple username/password authentication where the client sends both pieces of information to the server and the server verifies them. This would only be secure if used over a secure transport such as SSL, of course. It might also help to look at how authentication is implemented now, in twisted/spread/pb.py, in the _PortalRoot, _PortalWrapper, and _PortalAuthChallenger. Jean-Paul _______________________________________________ Twisted-Python mailing list [email protected] http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
