Skip to content

Z
Zope
Commit d9bdcd42 authored by Christopher Petrilli's avatar Christopher Petrilli
Browse files
Options

Added support for multiple authentication types, encoded via the standard 

LDAP rules.
parent 998d1ae9
Hide whitespace changes
Inline Side-by-side
Showing with 24 additions and 7 deletions
lib/python/AccessControl/User.py
View file @ d9bdcd42
...@@ -84,9 +84,9 @@ ...@@ -84,9 +84,9 @@
############################################################################## ##############################################################################
"""Access control package""" """Access control package"""
__version__='$Revision: 1.85 $'[11:-2] __version__='$Revision: 1.86 $'[11:-2]
import Globals, App.Undo, socket, regex import Globals, App.Undo, socket, regex, binascii, sha
from Globals import HTMLFile, MessageDialog, Persistent, PersistentMapping from Globals import HTMLFile, MessageDialog, Persistent, PersistentMapping
from string import join,strip,split,lower from string import join,strip,split,lower
from App.Management import Navigation, Tabs from App.Management import Navigation, Tabs
...@@ -95,9 +95,15 @@ from OFS.SimpleItem import Item ...@@ -95,9 +95,15 @@ from OFS.SimpleItem import Item
from base64 import decodestring from base64 import decodestring
from App.ImageFile import ImageFile from App.ImageFile import ImageFile
from Role import RoleManager from Role import RoleManager
from string import split, join from string import split, join, upper
from PermissionRole import _what_not_even_god_should_do, rolesForPermissionOn from PermissionRole import _what_not_even_god_should_do, rolesForPermissionOn
# Bogosity on various platforms due to ITAR restrictions
try:
import crypt
except ImportError:
crypt = None
ListType=type([]) ListType=type([])
...@@ -161,12 +167,23 @@ class BasicUser(Implicit): ...@@ -161,12 +167,23 @@ class BasicUser(Implicit):
# ------------------------------ # ------------------------------
def authenticate(self, password, request): def authenticate(self, password, request):
domains=self.getDomains()
passwrd=self._getPassword() passwrd=self._getPassword()
result = 0
if upper(passwrd[:5]) == '{SHA}':
password = binascii.b2a_base64(sha.new(password).digest())[:-1]
result = passwrd[5:] == password
elif upper(passwrd[:7]) == '{CRYPT}' and crypt is not None:
#if crypt is None, it's not compiled in and everything will fail
password = crypt(password, passwrd[7:9])
result = passwrd[7:] == password
else:
result = passwrd == password
domains=self.getDomains()
if domains: if domains:
return (password==passwrd) and domainSpecMatch(domains, request) return result and domainSpecMatch(domains, request)
return password==passwrd return result
def _shared_roles(self, parent): def _shared_roles(self, parent):
r=[] r=[]
while 1: while 1:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7