Watermarking
- Note
- This will go away in Zope 2.2. It is made unnecessary by the new security APIs described in InterfacesWiki:SecurityPolicies
Starting in Zope 2.1.6, a watermark is placed in user objects when they are authenticated. Currently, this is done by the Zope publisher, ZPublisher.

When a user is authenticated, the attribute _v__marker__ is set to a special value. This mark cannot be set by DTML (or ThroughTheWeb, TTW) programs, so a user object cannot be faked using TTW programs.

When Python code (for example, code invoked from DTML methods) is about to use AUTHENTICATED_USER for security-related tasks, it first checks the watermark by calling AccessControl.verify_watermark and passing it the user. If the user object was not stamped by the publisher, the check fails and the object must not be trusted.
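The following is an added, illustrative model of the mechanism described above; it is not Zope's code and makes no claim about how ZPublisher or AccessControl actually implement it. It assumes three things the text implies: the publisher is the only party that stamps a user object, TTW code cannot read or write attributes whose names begin with an underscore (a stand-in for the restriction on `_v__marker__`), and trusted Python calls `verify_watermark` before relying on the user's roles. The user folder, credentials and roles are constructed sample data.

```python
"""Toy model of the Zope 2.1.6 user-object watermark.

Added example: NOT Zope's implementation.  It models the three parties the
page names: the publisher (authenticates and stamps), through-the-web (TTW)
code (may not touch underscore attributes) and trusted Python code (calls
verify_watermark before trusting a user).
"""
import hmac


class Unauthorized(Exception):
    """Raised when a user object fails the watermark check or TTW code
    reaches for a forbidden attribute."""


# The "special value".  A process-private object compared by identity, so a
# recreated or copied value never matches.  (Modelling assumption: Zope's
# actual marker value is not described on the page.)
_MARKER = object()


class User:
    def __init__(self, name, password, roles):
        self.name = name
        self._password = password          # constructed sample credential
        self.roles = tuple(roles)

    def check_password(self, password):
        return hmac.compare_digest(self._password, password)


class UserFolder:
    def __init__(self, users):
        self._users = {u.name: u for u in users}

    def get_user(self, name):
        return self._users.get(name)


def publisher_authenticate(folder, name, password):
    """Stand-in for ZPublisher: validate credentials, then stamp the user.
    Returns None (and stamps nothing) on failure."""
    user = folder.get_user(name)
    if user is None or not user.check_password(password):
        return None
    user._v__marker__ = _MARKER
    return user


def verify_watermark(user):
    """Stand-in for AccessControl.verify_watermark: the object is trusted only
    if it carries the publisher's marker (identity comparison)."""
    if getattr(user, '_v__marker__', None) is not _MARKER:
        raise Unauthorized('user object was not authenticated by the publisher')
    return user


def ttw_setattr(obj, name, value):
    """Model of the TTW restriction: underscore-prefixed names are off limits,
    so TTW code cannot plant the marker.  (Assumption of this model.)"""
    if name.startswith('_'):
        raise Unauthorized('attribute %r is not accessible from TTW code' % name)
    setattr(obj, name, value)


def ttw_getattr(obj, name):
    """Same restriction on reads, so TTW code cannot copy a real user's mark."""
    if name.startswith('_'):
        raise Unauthorized('attribute %r is not accessible from TTW code' % name)
    return getattr(obj, name)


def has_role(user, role):
    """Trusted Python: consult the roles only after the watermark check."""
    return role in verify_watermark(user).roles


def demo():
    """Run the honest path and three forgery attempts; return what happened."""
    folder = UserFolder([User('alice', 'correct horse', ['Manager']),
                         User('bob', 'hunter2', ['Member'])])
    results = {}

    real = publisher_authenticate(folder, 'alice', 'correct horse')
    results['real_user_is_manager'] = has_role(real, 'Manager')
    results['bad_password_rejected'] = \
        publisher_authenticate(folder, 'alice', 'wrong') is None

    # 1. TTW code builds its own object that claims to be alice with Manager.
    forged = User('alice', '', ['Manager'])
    try:
        has_role(forged, 'Manager')
        results['forged_user_accepted'] = True
    except Unauthorized:
        results['forged_user_accepted'] = False

    # 2. TTW code tries to plant a marker of its own.
    try:
        ttw_setattr(forged, '_v__marker__', object())
        results['ttw_could_set_marker'] = True
    except Unauthorized:
        results['ttw_could_set_marker'] = False

    # 3. TTW code tries to copy the genuine marker off the real user.
    try:
        ttw_setattr(forged, '_v__marker__', ttw_getattr(real, '_v__marker__'))
        results['ttw_could_copy_marker'] = True
    except Unauthorized:
        results['ttw_could_copy_marker'] = False

    return results


if __name__ == '__main__':
    for key, value in sorted(demo().items()):
        print('%-26s %s' % (key, value))
```

The identity comparison is what makes the scheme hold in this model: even code that escapes the underscore rule and sets `_v__marker__` to some value of its own still fails `verify_watermark`, because only the publisher holds a reference to the real marker object. The `_v_` prefix follows the ZODB convention for volatile attributes, so a mark never outlives the process that set it.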
- Zen
- This seems cumbersome. Could we just have a method of retrieving AUTHENTICATED_USER which raises an Exception if AccessControl.verify_watermark fails? It would be nice if accessing REQUEST.AUTHENTICATED_USER did this. Or was this the behaviour in 2.1.5 that prompted the quick release of 2.1.6?
- Jim
- Do you still need access to AUTHENTICATED_USER, in light of the new proposed ZopeSecurityPolicies? If so, then there should probably be a method in SecurityManager to get the AUTHENTICATED_USER.
Note that the use of an attribute and the name chosen should currently be viewed as an implementation detail that may change. We may need to define an interface on user objects to support watermarking.