[Moin-user] Multiple authentication pass through

Ryan Lee ryanlee at zepheira.com
Wed Jun 1 19:09:57 EDT 2011


I currently have a MoinMoin auth list comprised of a primary LDAP
server, backup mirror LDAP to the primary, and MoinAuth.  While the fact
that the primary and backup were out of sync was very helpfully exposed
by the fact that Moin used both (so users who hadn't made it to the
mirror couldn't log in even after a successful auth against the
primary), this isn't how we want things to run normally.  The way I
understand the semantics of the auth list, the first successful
authenticator should take precedence over any that follow.

I see in MoinMoin 1.9.3 that MoinMoin.auth.MoinAuth.login contains this
snippet near its start:

        # simply continue if something else already logged in successfully
        if user_obj and user_obj.valid:
            return ContinueLogin(user_obj)

It is perhaps not so straightforward that every authenticator should do
the same, but MoinMoin.auth.ldap_login.LDAPAuth.login does not, and I
think it should.  Does that sound reasonable?


More information about the Moin-user mailing list