blob: 62713e8224f2cba2a1a3d40356162fc42c8ae375 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
.. _repozewho1authenticationpolicy_directive:
``repozewho1authenticationpolicy``
----------------------------------
When this directive is used, authentication information is obtained
from a ``repoze.who.identity`` key in the WSGI environment, assumed to
be set by :term:`repoze.who` middleware.
Attributes
~~~~~~~~~~
``identifier_name``
The ``identifier_name`` controls the name used to look up the
:term:`repoze.who` "identifier" plugin within
``request.environ['repoze.who.plugins']`` which is used by this
policy to "remember" and "forget" credentials. It defaults to
``auth_tkt``.
``callback``
The ``callback`` is a Python dotted name to a function passed the
repoze.who identity and the request as positional arguments. The
callback is expected to return None if the user represented by the
identity doesn't exist or a sequence of group identifiers
(possibly empty) if the user does exist. If ``callback`` is None,
the userid will be assumed to exist with no groups. It defaults
to ``None``.
Example
~~~~~~~
.. code-block:: xml
:linenos:
<repozewho1authenticationpolicy
identifier_name="auth_tkt"
callback=".somemodule.somefunc"
/>
Alternatives
~~~~~~~~~~~~
You may create an instance of the
:class:`repoze.bfg.authentication.RepozeWho1AuthenticationPolicy` and
pass it to the :class:`repoze.bfg.configuration.Configurator`
constructor as the ``authentication_policy`` argument during initial
application configuration.
See Also
~~~~~~~~
See also :ref:`authentication_policies_directives_section` and
:class:`repoze.bfg.authentication.RepozeWho1AuthenticationPolicy`.
|
