[Twisted-Python] Authentication with multiple handshakes
![](https://secure.gravatar.com/avatar/7bc0b8c815b62b9b503d2d707c8ca08e.jpg?s=120&d=mm&r=g)
http://twistedmatrix.com/projects/core/documentation/howto/pb-cred.html The documentation above says that credentials should be able to do authentication with multiple passes. However, I have not been able to find any examples of it. As an alternative, I was going to implement a user object with state that determined what it was able to do. I could force the client to conduct multiple challenge responses to achieve the logged in state. I figured it would be better to ask the mail list for the proper way to do it first. Thanks -- Alvin
![](https://secure.gravatar.com/avatar/3031feea0675eef4fd1f24b286e089ba.jpg?s=120&d=mm&r=g)
On Thu, 21 Dec 2006 01:45:07 -0600, Alvin Wang <alvinwang@gmail.com> wrote:
As far as I know PB doesn't provide any mechanism for the client to authenticate the server. But it should be easy to implement. You could use the normal procedure to log in to the server. The server provides various remote methods that you can call in order to have it verify itself to you. Once you (the client) are satisifed, then, and only then, do you consider yourself "logged in". You should be caution to prevent the server from invoking methods on the client, and vise vera, prior to authenticating the server. -- Eric Mangold Twisted/Win32 Co-Maintainer
![](https://secure.gravatar.com/avatar/7bc0b8c815b62b9b503d2d707c8ca08e.jpg?s=120&d=mm&r=g)
On 12/21/06, Eric Mangold <teratorn@twistedmatrix.com> wrote:
I was thinking that there might be something more elegant. If I am implementing the login procedure by hand anyway, it seems like it would be simpler to just build it into pb.root. I could skip the realms/checker stuff. I would keep the secure stuff in a pb.referenceableand not return it unless the user passes all the tests. Am I missing anything? Thanks Alvin
![](https://secure.gravatar.com/avatar/3031feea0675eef4fd1f24b286e089ba.jpg?s=120&d=mm&r=g)
On Thu, 21 Dec 2006 03:24:59 -0600, Alvin Wang <alvinwang@gmail.com> wrote:
I'm not really sure what that means in concrete implementation terms. But it seems like you get the picture. If you need more help it's probably time to start posting code. -- Eric Mangold Twisted/Win32 Co-Maintainer
![](https://secure.gravatar.com/avatar/d4c57425353f83fb05dfa5872b45915d.jpg?s=120&d=mm&r=g)
Hi everyone, I have just got Centos4.4 (actually Red Hat Enterprise Linux 4 Update 4) running on a PC as I need a local TCP/IP server running a custom data collection protocol. As there may be many outstations sending data to the server I figured on using Twisted. Do any of you Twisted experts have any thoughts on the best versions of Python and Twisted to use bearing in mind that a key requirement is 24/7 operation. Thanks for any help, John
![](https://secure.gravatar.com/avatar/d7875f8cfd8ba9262bfff2bf6f6f9b35.jpg?s=120&d=mm&r=g)
On Wed, 2006-12-20 at 20:45 -0800, Alvin Wang wrote:
Cred in general can - credential can have multiple methods that return Deferreds and need to be called in certain order; but PB doesn't really have pluggable authentication, so you may have to do it with extra layer (in mind
![](https://secure.gravatar.com/avatar/3031feea0675eef4fd1f24b286e089ba.jpg?s=120&d=mm&r=g)
On Thu, 21 Dec 2006 01:45:07 -0600, Alvin Wang <alvinwang@gmail.com> wrote:
As far as I know PB doesn't provide any mechanism for the client to authenticate the server. But it should be easy to implement. You could use the normal procedure to log in to the server. The server provides various remote methods that you can call in order to have it verify itself to you. Once you (the client) are satisifed, then, and only then, do you consider yourself "logged in". You should be caution to prevent the server from invoking methods on the client, and vise vera, prior to authenticating the server. -- Eric Mangold Twisted/Win32 Co-Maintainer
![](https://secure.gravatar.com/avatar/7bc0b8c815b62b9b503d2d707c8ca08e.jpg?s=120&d=mm&r=g)
On 12/21/06, Eric Mangold <teratorn@twistedmatrix.com> wrote:
I was thinking that there might be something more elegant. If I am implementing the login procedure by hand anyway, it seems like it would be simpler to just build it into pb.root. I could skip the realms/checker stuff. I would keep the secure stuff in a pb.referenceableand not return it unless the user passes all the tests. Am I missing anything? Thanks Alvin
![](https://secure.gravatar.com/avatar/3031feea0675eef4fd1f24b286e089ba.jpg?s=120&d=mm&r=g)
On Thu, 21 Dec 2006 03:24:59 -0600, Alvin Wang <alvinwang@gmail.com> wrote:
I'm not really sure what that means in concrete implementation terms. But it seems like you get the picture. If you need more help it's probably time to start posting code. -- Eric Mangold Twisted/Win32 Co-Maintainer
![](https://secure.gravatar.com/avatar/d4c57425353f83fb05dfa5872b45915d.jpg?s=120&d=mm&r=g)
Hi everyone, I have just got Centos4.4 (actually Red Hat Enterprise Linux 4 Update 4) running on a PC as I need a local TCP/IP server running a custom data collection protocol. As there may be many outstations sending data to the server I figured on using Twisted. Do any of you Twisted experts have any thoughts on the best versions of Python and Twisted to use bearing in mind that a key requirement is 24/7 operation. Thanks for any help, John
![](https://secure.gravatar.com/avatar/d7875f8cfd8ba9262bfff2bf6f6f9b35.jpg?s=120&d=mm&r=g)
On Wed, 2006-12-20 at 20:45 -0800, Alvin Wang wrote:
Cred in general can - credential can have multiple methods that return Deferreds and need to be called in certain order; but PB doesn't really have pluggable authentication, so you may have to do it with extra layer (in mind
participants (5)
-
Alvin Wang
-
Eric Mangold
-
Itamar Shtull-Trauring
-
John Pote
-
Yi Qiang