dave at pythonapocrypha.com
Fri Jun 6 21:31:29 CEST 2003
On Fri, 6 Jun 2003, Justin Johnson wrote:
> On Fri, 6 Jun 2003 12:13:26 -0700 (PDT), "Dave Brueck"
> <dave at pythonapocrypha.com> said:
> > On Fri, 6 Jun 2003, Justin Johnson wrote:
> > > I have a simple xmlrpc server (using xmlrpclib) that accepts requests
> > > from clients and runs some administrative commands on a bunch of servers
> > > I support. I would like to lock down access to the service so that only
> > > authorized users can use it, by authenticating with a user name and
> > > password.
> > >
> > > Has anyone done this before? Is there an already existent authentication
> > > framework available I can use with xmlrpc?
> > I use the improvements to xmlrpclib listed here:
> > http://www.zope.org/Members/Amos/XML-RPC
> Would you mind explaining to me how you use them? In conjunction with
> the example in the cookbook perhaps...
Assuming you've been using the XMLRPC client like this:
s = xmlrpclib.ServerProxy(url)
then you would use the BasicAuthTransport in that above HOWTO like this:
s = xmlrpclib.ServerProxy(url, BasicAuthTransport(username, password)
Everything else would remain the same. With a little work you could
rewrite BasicAuthTransport to be a mixin to use with xmlrpclib's Transport
and SafeTransport classes (thus enabling use over HTTPS as well).
More information about the Python-list