[Moin-user] Upgrade 1.5.7 > 1.7.2 external cookie problem

Michael Matthews mjmatthews1 at rcn.com
Tue Sep 16 08:26:33 EDT 2008


Thomas Waldmann wrote:

>>> when going from 1.5 to 1.7, you'll have to upgrade your auth stuff, see
>>> the code in MoinMoin.auth package (we use auth objects now, not
>>> functions any more).
>
> Did you do that?

I used the contrib/authexternalcookie as template

>>> Please have a look at MoinMoin/request/__init__.py:emit_http_headers.
>>>
>>>     if lkey in ['vary', 'cache-control', 'content-language', ]:
>>>
>>> These are the headers we allow multiple times and just merge their
>>> values into a single header. Please add 'set-cookie' to that list and
>>> try if that works (it won't give exceptions any more, but you have to
>>> check if BOTH cookies work correctly).
>
> Did you do that?

yes

>> Thanks for the response. I believe set-cookie can be used multi times
>> but not sure.
>
> Yes, I also guess it can. But the main question is if it can be merged
> into a single set-cookie line (see above).
>
>> I will look into code change. Actually the cookie
>> mechanism is working other than the error messages. I made the change
>> and most of the error messages are gone.
>
> You mean you added that to the list of keys for which headers get
> merged, like I proposed above?

yes

>> However still get this in error_log:
>>
>> 2008-09-15 09:05:04,221 ERROR MoinMoin.failure:159 An exception occured.
>> Traceback (most recent call last):
>>   File "/home/www/moin2/lib/python2.4/site-packages/MoinMoin/request/request_cgi.py", line 29, in __init__
>>   File "/home/www/moin/lib/python2.4/site-packages/MoinMoin/request/__init__.py", line 218, in __init__
>>     self.user = self._handle_auth_form(user_obj)
>>   File "/home/www/moin/lib/python2.4/site-packages/MoinMoin/request/__init__.py", line 632, in _handle_auth_form
>>     stage=stage, openid_identifier=oid)
>>   File "/home/www/moin/lib/python2.4/site-packages/MoinMoin/request/__init__.py", line 686, in handle_auth
>>     user_obj, cont = authmethod.request(self, user_obj, **extra)
>> TypeError: unpack non-sequence
>
> This is a bug in some auth class implementation. How does your auth
> configuration look like? If that happens in the auth class you
> implemented for external cookies, you have to check your request
> method's return value whether it returns user_obj, continue_flag tuple.

My auth method returns user_obj and flag not extra. I have attached
wikiconfig.py.
Any help would be appreciated.

>> Also The pagetrail section is not being built. It only has the current
>> page in it.
>
> That just means sessions don't work.

------------------------------------------------------------------------

# -*- coding: iso-8859-1 -*-
# IMPORTANT! This encoding (charset) setting MUST be correct! If you live in a
# western country and you don't know that you use utf-8, you probably want to
# use iso-8859-1 (or some other iso charset). If you use utf-8 (a Unicode
# encoding) you MUST use: coding: utf-8
# That setting must match the encoding your editor uses when you modify the
# settings below. If it does not, special non-ASCII chars will be wrong.

"""
    MoinMoin - Configuration for a single wiki

    If you run a single wiki only, you can omit the farmconfig.py config
    file and just use wikiconfig.py - it will be used for every request
    we get in that case.

    Note that there are more config options than you'll find in
    the version of this file that is installed by default; see
    the module MoinMoin.multiconfig for a full list of names and their
    default values.

    Also, the URL http://moinmoin.wikiwikiweb.de/HelpOnConfiguration has
    a list of config options.

    @copyright: 2000-2005 by Juergen Hermann <jh at web.de>
    @license: GNU GPL, see COPYING for details.
"""

import time, os

from MoinMoin.config.multiconfig import DefaultConfig
from MoinMoin.auth import BaseAuth

# -*- coding: iso-8859-1 -*-
# This is some sample code you might find useful when you want to use some
# external cookie (made by some other program, not moin) with moin.
# See the XXX places for customizing it to your needs. You need to put this
# code into your farmconfig.py or wikiconfig.py.

# ...
decode ='/usr/bin/java -classpath /home/www/java/classes/gateKeeper.jar:/home/www/java/classes/PSE_Lite.jar esGateKeeper.CmdGateKeeper %s QLAN PROD >%s'
hrloginurl = 'https://www.e-access.att.com/empsvcs/hrpinmgt/pagLogin/?retURL='
hrlogouturl = 'https://www.e-access.att.com/empsvcs/hrpinmgt/pagLogout/'

#class FarmConfig(DefaultConfig):
class ExternalCookie(BaseAuth):
    name = 'external_cookie'
    def request(self,request,user_obj, **kw):
        """ authenticate via external cookie """
        import Cookie
        cookiename = "NSFLAB" # XXX external cookie name you want to use
        try:
            cookie = Cookie.SimpleCookie(request.saved_cookie)
        except Cookie.CookieError:
            # ignore invalid cookies
            cookie = None
        import urllib
        if cookie and cookie.has_key(cookiename):
            cookievalue = cookie[cookiename].value
            cookievalue = urllib.unquote(cookievalue)
            cookievalue = cookievalue.decode('iso-8859-1')
            cookievalue = cookievalue.split('|')
        elif cookie and cookie.has_key('attESHr'):
            cookievalue = cookie['attESHr'].value
            cookievalue = urllib.unquote(cookievalue)
            cookievalue = cookievalue.decode('iso-8859-1')
            cookievalue = cookievalue.split('|')
            userid = cookievalue[2]
            cookievalue.append(userid.split('@')[0])
#            f = open("cookie.log", "a")
#            f.write("\n")
#            f.write(repr(cookie))
#            f.write(repr(cookievalue))
#            f.write("\n")
#            f.close()
        else : #------ no cookies
            url = hrloginurl + 'http://' + request.http_host + request.request_uri
            request.http_redirect(url)
            return request.finish()
                
        # XXX now we decode and parse the cookie value - edit this to fit your needs.
        # the minimum we need to get is auth_username. aliasname and email is optional.
        auth_username = aliasname = email = ''
        try:
            auth_username = cookievalue[12] # having this cookie means user auth has already been done!
            aliasname = "%s %s" % (cookievalue[0], cookievalue[1]) # aliasname is for cosmetical stuff only
            email = cookievalue[2]
        except IndexError: # XXX this is for debugging it, in case it does not work
            if 0:
                f = open("cookie.log", "a")
                f.write("\nIndexError\n")
                f.write(repr(cookie))
                f.write(repr(cookievalue))
                f.write("\n")
                f.close()
            pass

        lifetime = int(request.cfg.cookie_lifetime) * 3600
        now = time.time()
        expires = now + lifetime
        from Cookie import SimpleCookie
        c = SimpleCookie()
        c[cookiename] = urllib.quote('|'.join(cookievalue))
        c[cookiename]['domain'] = request.cfg.cookie_domain
        c[cookiename]['path'] = request.cfg.cookie_path
        c[cookiename]['expires'] = request.httpDate(when=expires, rfc='850')
        # from setCookie
        request.setHttpHeader(c.output())
        # Update the saved cookie, so other code works with new setup
        request.saved_cookie = c.output()

        from MoinMoin.user import User
        # giving auth_username to User constructor means that authentication has already been done.
        user = User(request, name=auth_username, auth_username=auth_username)
        
        try_next = False # never try again
        changed = False
        if aliasname != user.aliasname: # was the aliasname externally updated?
            user.aliasname = aliasname ; changed = True # yes -> update user profile
        if email != user.email: # was the email addr externally updated?
            user.email = email ; changed = True # yes -> update user profile

        if user:
            user.create_or_update(changed)
        if user and user.valid: # did we succeed making up a valid user?
            try_next = False # stop processing auth method list

        return user, try_next

class Config(DefaultConfig):
    from MoinMoin.auth import MoinAuth
    # first try the external_cookie, then http basic auth, then the usual moin_cookie
    #auth = [MoinAuth()]
    auth = [ExternalCookie(),MoinAuth()]
    cookie_domain = '.nsf.att.com'
    cookie_lifetime = 24
    # ... (rest of your config follows here) ...




    # Wiki identity ----------------------------------------------------

    # Site name, used by default for wiki name-logo [Unicode]
    sitename = u'HSPS Wiki'

    # Wiki logo. You can use an image, text or both. [Unicode]
    # For no logo or text, use '' - the default is to show the sitename.
    # See also url_prefix setting below!
    logo_string = u'<img src="/images/attlogo-trans1.gif" alt="ATT Logo">'

    # name of entry page / front page [Unicode], choose one of those:
    
    # a) if most wiki content is in a single language
    page_front_page = u"TechnologyDevelopmentDelivery"
    
    # b) if wiki content is maintained in many languages
    #page_front_page = u"FrontPage"

    # The interwiki name used in interwiki links
    #interwikiname = 'UntitledWiki'
    # Show the interwiki name (and link it to page_front_page) in the Theme,
    # nice for farm setups or when your logo does not show the wiki's name.
    #show_interwiki = 1
    page_footer1 = '<div id="att-confidential" style="text-align: center;font-size: .8em;"><span style="font-weight: bold;">AT&T - RESTRICTED</span><br/>Use pursuant to Company instructions</div>'

    

    # Critical setup  ---------------------------------------------------

    # Misconfiguration here will render your wiki unusable. Check that
    # all directories are accessible by the web server or moin server.

    # If you encounter problems, try to set data_dir and data_underlay_dir
    # to absolute paths.

    # Where your mutable wiki pages are. You want to make regular
    # backups of this directory.
    data_dir = '/home/www/wiki/data/'

    # Where read-only system and help page are. You might want to share
    # this directory between several wikis. When you update MoinMoin,
    # you can safely replace the underlay directory with a new one. This
    # directory is part of MoinMoin distribution, you don't have to
    # backup it.
    data_underlay_dir = '/home/www/wiki/underlay/'

    # This must be '/wiki' for twisted and standalone. For CGI, it should
    # match your Apache Alias setting.
    #url_prefix = '/wiki'
    # The URL prefix we use to access the static stuff (img, css, js).
    url_prefix_static = '/wiki'
    

    # Security ----------------------------------------------------------

    # This is checked by some rather critical and potentially harmful actions,
    # like despam or PackageInstaller action:
    superuser = [u"mjmatthews", ]
    
    # IMPORTANT: grant yourself admin rights! replace YourName with
    # your user name. See HelpOnAccessControlLists for more help.
    # All acl_rights_xxx options must use unicode [Unicode]
    acl_rights_before = u"mjmatthews:read,write,delete,revert,admin"
    acl_rights_default = u"All:read,write,delete,revert"
    
    # Link spam protection for public wikis (Uncomment to enable)
    # Needs a reliable internet connection.
    #from MoinMoin.util.antispam import SecurityPolicy


    # Mail --------------------------------------------------------------
    
    # Configure to enable subscribing to pages (disabled by default)
    # or sending forgotten passwords.

    # SMTP server, e.g. "mail.provider.com" (None to disable mail)
    mail_smarthost = "mailhost.att.com"

    # The return address, e.g u"Jürgen Wiki <noreply at mywiki.org>" [Unicode]
    mail_from = u"%(DEVTEST WIKI) <noreply at webhsps.nsf.att.com>"

    # "user pwd" if you need to use SMTP AUTH
    mail_login = ""


    # User interface ----------------------------------------------------
    
    # Add your wikis important pages at the end. It is not recommended to
    # remove the default links.  Leave room for user links - don't use
    # more than 6 short items.
    # You MUST use Unicode strings here, but you need not use localized
    # page names for system and help pages, those will be used automatically
    # according to the user selected language. [Unicode]
    navi_bar = [
        # If you want to show your page_front_page here:
        u'%(page_front_page)s',
        u'RecentChanges',
        u'FindPage',
        u'HelpContents',
    ]

    # The default theme anonymous or new users get
    theme_default = 'AttBlue'
    

    # Language options --------------------------------------------------

    # See http://moinmoin.wikiwikiweb.de/ConfigMarket for configuration in 
    # YOUR language that other people contributed.

    # The main wiki language, set the direction of the wiki pages
    language_default = 'en'

    # You must use Unicode strings here [Unicode]
    #page_category_regex = u'^Category[A-Z]'
    #page_dict_regex = u'[a-z]Dict$'
    #page_form_regex = u'[a-z]Form$'
    #page_group_regex = u'[a-z]Group$'
    #page_template_regex = u'[a-z]Template$'
    page_category_regex = ur'(?P<all>Category(?P<key>(?!Template)\S+))'
    page_dict_regex = ur'(?P<all>(?P<key>\S+)Dict)'
    page_group_regex = ur'(?P<all>(?P<key>\S+)Group)'
    page_template_regex = ur'(?P<all>(?P<key>\S+)Template)'


    # Content options ---------------------------------------------------

    # Show users hostnames in RecentChanges
    show_hosts = 1                  

    # Enable graphical charts, requires gdchart.
    #chart_options = {'width': 600, 'height': 300}
	#show_section_numbers = 1
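
The return-value contract discussed in the thread, as an added example that is not part of the original message and is not MoinMoin code. It models a caller that unpacks `user_obj, cont` as in the traceback, and an auth method whose redirect branch returns the result of `finish()` instead of a pair; `FakeRequest`, `handle_auth`, both auth classes, the cookie name and the URL are hypothetical, and whether a real method should stop or continue the chain after a redirect is an assumption here.

```python
# Added illustration, not MoinMoin code: FakeRequest, handle_auth and both
# auth classes are hypothetical stand-ins; the URL is a placeholder.
LOGIN_URL = "https://login.example.invalid/?retURL="

class FakeRequest:
    """Minimal request: records a redirect instead of sending one."""
    def __init__(self, cookies):
        self.cookies = cookies            # constructed sample input
        self.redirected_to = None

    def http_redirect(self, url):
        self.redirected_to = url

    def finish(self):
        return None                       # assumption: nothing useful returned

class BrokenCookieAuth:
    """No-cookie branch returns finish() instead of a (user, flag) pair."""
    def request(self, request, user_obj, **kw):
        name = request.cookies.get("EXT_AUTH")
        if name is None:
            request.http_redirect(LOGIN_URL + "/FrontPage")
            return request.finish()
        return name, False

class FixedCookieAuth:
    """Same flow, but every exit path returns a two-item tuple."""
    def request(self, request, user_obj, **kw):
        name = request.cookies.get("EXT_AUTH")
        if name is None:
            request.http_redirect(LOGIN_URL + "/FrontPage")
            return None, False            # no user; stop the auth chain
        return name, False

def handle_auth(request, methods):
    """Caller shaped like the traceback line: unpacks each method's result."""
    user_obj = None
    for method in methods:
        user_obj, cont = method.request(request, user_obj)
        if not cont:
            break
    return user_obj

def outcome(auth, cookies):
    """Return the resulting user, or the name of the exception raised."""
    try:
        return handle_auth(FakeRequest(cookies), [auth])
    except TypeError as exc:
        return type(exc).__name__
```

Requests that carry the cookie succeed with either class; only the cookie-less request reaches the branch that breaks the unpacking.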
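
On the question of merging two Set-Cookie headers into one line, an added example that is not part of the original message and is not MoinMoin code: a small header emitter that joins repeated `vary`-style headers with `, ` but leaves other repeated headers as separate lines, run over constructed sample headers. RFC 6265 advises servers not to fold Set-Cookie headers because cookie attributes such as `expires` dates contain commas themselves; `emit_headers`, the cookie names, values and dates below are all constructed for illustration.

```python
# Added illustration, not MoinMoin code. Cookie names, values and dates are
# constructed sample data; emit_headers is a hypothetical stand-in.
MERGEABLE = ("vary", "cache-control", "content-language")  # list quoted above

SAMPLE = [  # constructed response headers: two cookies from two components
    ("Vary", "Cookie"),
    ("Set-Cookie", "WIKI_SESSION=abc123; expires=Wednesday, 17-Sep-08 12:26:33 GMT; Path=/"),
    ("Vary", "Accept-Language"),
    ("Set-Cookie", "EXT_AUTH=a%7Cb%7Cc; expires=Wednesday, 17-Sep-08 12:26:33 GMT; Path=/"),
]


def emit_headers(headers, mergeable=MERGEABLE):
    """Join repeated headers named in `mergeable` with ', '; keep every other
    repeated header as its own line."""
    lines, slot = [], {}
    for key, value in headers:
        lkey = key.lower()
        if lkey in mergeable and lkey in slot:
            lines[slot[lkey]][1].append(value)
        else:
            if lkey in mergeable:
                slot[lkey] = len(lines)
            lines.append((key, [value]))
    return ["%s: %s" % (key, ", ".join(values)) for key, values in lines]


def cookie_lines(emitted):
    """Return the values of all Set-Cookie lines in an emitted header list."""
    return [l.split(": ", 1)[1] for l in emitted
            if l.lower().startswith("set-cookie:")]


def split_as_list(value):
    """Read a value as a comma-separated list, which is what joining with
    ', ' tells a recipient it may do."""
    return [part.strip() for part in value.split(",")]


separate = cookie_lines(emit_headers(SAMPLE))                         # 2 lines
merged = cookie_lines(emit_headers(SAMPLE, MERGEABLE + ("set-cookie",)))  # 1 line
pieces = split_as_list(merged[0])   # 4 fragments: dates are cut at their commas
```

With the two cookies on separate lines each one is unambiguous; in the merged line a recipient cannot tell the comma between cookies from the comma inside each date.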





