3.3.1. Authorisation algorithm

These are the steps the PAS user folder follows in its validate method:

  1. extract all credentials. This looks for any possible form of authentication information in a request: HTTP cookies, HTTP form parameters, HTTP authentication headers, originating IP address, etc. A request can have multiple (or no) sets of credentials.
  2. for each set of credentials found
    1. try to authorise the credentials. This checks if the credentials correspond to a known user and are valid.
    2. create a user instance
    3. try to authorise the request. If successful, use this user and stop further processing.
  3. create an anonymous user
  4. try to authorise the request using the anonymous user. If successful, use this user; if not:
  5. issue a challenge
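
The steps above as a small, self-contained model (an added example, not code from PAS or from the original page). The function names, the request dictionary, the user table and the role map are all assumptions made for illustration and are not the PAS plugin API.

```python
# Simplified model of the validate steps; every name here is hypothetical.
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    name: str
    roles: frozenset

ANONYMOUS = User("Anonymous User", frozenset({"Anonymous"}))
# Constructed sample data: known users and the roles each path requires.
USERS = {"alice": ("s3cret", {"Member"}), "root": ("toor!", {"Manager"})}
REQUIRED = {"/public": {"Anonymous", "Member", "Manager"},
            "/manage": {"Manager"}}

def extract_credentials(request):
    """Step 1: collect every credential set in the request (may be none)."""
    found = []
    if "cookie" in request:                      # constructed "login:password" cookie
        login, _, pw = request["cookie"].partition(":")
        found.append({"login": login, "password": pw})
    if "basic_auth" in request:                  # (login, password) tuple
        login, pw = request["basic_auth"]
        found.append({"login": login, "password": pw})
    return found

def check_credentials(creds):
    """Step 2.1: known user with a valid secret? Return its roles or None."""
    record = USERS.get(creds["login"])
    if record and hmac.compare_digest(record[0].encode(), creds["password"].encode()):
        return record[1]
    return None

def authorise(user, request):
    """Steps 2.3 and 4: the user needs a role the path requires; unknown paths deny."""
    return bool(user.roles & REQUIRED.get(request["path"], set()))

def validate(request):
    for creds in extract_credentials(request):           # step 2
        roles = check_credentials(creds)
        if roles is None:
            continue                                      # invalid set: try the next one
        user = User(creds["login"], frozenset(roles))    # step 2.2
        if authorise(user, request):                      # step 2.3
            return ("ok", user)
    if authorise(ANONYMOUS, request):                     # steps 3 and 4
        return ("ok", ANONYMOUS)
    return ("challenge", None)                            # step 5
```

In this model, invalid credentials on a public path silently fall back to the anonymous user, and a valid but under-privileged user ends in a challenge rather than a denial. Both follow directly from the loop order in the steps.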

by Wichert Akkerman, last modified April 2, 2007 - 08:03. All content is copyright Plone Foundation and the individual contributors.

authentication vs. authorization

Posted by David Durham at March 18, 2008 - 18:47
I think you mean to say that PAS authenticates the credentials as valid, not authorizes the credentials ..
