Personal tools
You are here: Home Plone XP leocornus.django.ploneproxy Login process - proxy login_form
 

Login process - proxy login_form

— filed under:

Handling user log in from Internet URL

  • login form, login redirect URL looks like
    http://internet.host.name/abc will be redirect to 
    http://internet.host.name/ext/login/?next=/abc
  • customize look and feel, Django has very good support on this.
  • error handling, providing proper error message

Django comes with a default login view (django.contrib.auth.views.login)  but does NOT provide a default login template!  The login view is using template named 'regisgtration/login.html'.  We have to build our own login form.

Hard coded authen_url version

The idea of the implementation is that we verify user's credentials from a central authen_url, which is defined in a new Django setting property PLONEPROXY_AUTHEN_URL.  So the authentication backend class will authenticate user through this URL.  This is working perfectly if you have only one site.  But it is not working for a Proxy server which serves more than one internal Plone sites.  Unless you have Single Sign On solution on board for your multiple Plone sites.

On fly authen URL version

This solution will be more flexible than the previous one.  We will build the login URL based on the request URI.  So the login_form from the exact Plone site that the user is going to visit will be used to verify user's credentials.

We will retire the new Django setting property PLONEPROXY_AUTHEN_URL and define a special HTTP header key to let mod_python bypass this login request.

Django Default Settings

  • LOGIN_REDIRECT_URL = '/accounts/profile/' the default login redirect URL after successfully logged in
  • LOGIN_URL = '/accounts/login/' the default login URL.

The parameter REDIRECT_FIELD_NAME is used to hold the come from URL while the login process is triggered.  It is default is next, defined in django.contrib.auth.__init__.py.

New Python Options

PLONEPROXY_LOGIN_URL: specify the the login URL for not valid session. The default value is '/ext/login'.

PLONEPROXY_PLONE_VIEW_BYPASS

specify the view names that will be filtered out when we build the login URL.

Tracking History

When Who What Done
2010-05-28 10:47 Sean Chen the on fly solution is implemented and tested, story is completed.
-- 3.0 Hours, 100.0% Done
Document Actions