This will go away in Zope 2.2. It is made unnecessary by the new security APIs described in InterfacesWiki:SecurityPolicies

Starting in Zope 2.1.6, a watermark is placed in user objects when they are authenticated. Currently, this is done by the Zope publisher, ZPublisher.

When a user is authenticated, the attribute _v__marker__ is set to a special value. This mark cannot be set by DTML (or ThroughTheWeb, TTW) programs, so the user cannot be faked using TTW programs.

When Python code, such as the code behind DTML methods, is about to use AUTHENTICATED_USER for security-related tasks, it checks the watermark by calling AccessControl.verify_watermark and passing it the user.
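As an added illustration (not Zope's own code) of the scheme just described: trusted code sets _v__marker__ to a private sentinel at authentication time, verify_watermark accepts only that sentinel by identity, and a small model of the TTW attribute restriction shows why a through-the-web program cannot forge the mark. The authenticate, ttw_setattr, forged_user and is_watermarked helpers and the credential dictionary are assumptions made for the example.

```python
# Illustration of the watermark scheme; not Zope's code. Only the attribute
# name _v__marker__ and the function name verify_watermark come from the page.

class WatermarkError(Exception):
    """Raised when a user object does not carry the authentication watermark."""

# The sentinel is private to this trusted module and is never handed to
# through-the-web (TTW) code, so a forged mark cannot compare identical to it.
_marker = object()

class User:
    def __init__(self, name):
        self.name = name

def authenticate(name, password, users):
    """Stand-in for the publisher's authentication step (assumed API):
    on success, watermark the user object and return it, else return None."""
    if name not in users or users[name] != password:
        return None
    user = User(name)
    user._v__marker__ = _marker   # in Zope, _v_ attributes are volatile, not persisted
    return user

def verify_watermark(user):
    """Counterpart of AccessControl.verify_watermark: accept the user object
    only if its mark is the trusted sentinel itself (identity, not equality)."""
    if getattr(user, '_v__marker__', None) is not _marker:
        raise WatermarkError('user object was not produced by authentication')
    return user

def is_watermarked(user):
    """Boolean form of the check, for callers that prefer not to catch the error."""
    try:
        verify_watermark(user)
    except WatermarkError:
        return False
    return True

def ttw_setattr(obj, name, value):
    """Model of the restriction that stops DTML/TTW programs from writing
    underscore-prefixed attributes; this is what makes the mark unforgeable."""
    if name.startswith('_'):
        raise AttributeError('TTW code may not set %r' % name)
    setattr(obj, name, value)

def forged_user(name):
    """The most a TTW program can build: a user object with no valid watermark."""
    fake = User(name)
    try:
        ttw_setattr(fake, '_v__marker__', object())  # rejected; wrong object anyway
    except AttributeError:
        pass
    return fake
```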

This seems cumbersome. Could we just have a method of retrieving AUTHENTICATED_USER which raises an Exception if AccessControl.verify_watermark fails? It would be nice if accessing REQUEST.AUTHENTICATED_USER did this. Or was this the behaviour in 2.1.5 that prompted the quick release of 2.1.6?
Do you still need access to AUTHENTICATED_USER, in light of the new proposed ZopeSecurityPolicies?

If so, then there should probably be a method in SecurityManager to get the AUTHENTICATED_USER.

Note that the use of an attribute and the name chosen should currently be viewed as an implementation detail that may change. We may need to define an interface on user objects to support watermarking.