On Fri, 2008-03-14 at 23:30 -0500, Toshio Kuratomi wrote: > John (J5) Palmieri wrote: > > On Thu, 2008-03-13 at 17:59 -0500, Toshio Kuratomi wrote: > >> J5: Look at how jsonfas is implemented and tell me if that would for ths > >> model. > >> > >> bzr branch bzr://bzr.fedorahosted.org/bzr/python-fedora/python-fedora-devel > >> > >> cd python-fedora-devel/fedora/tg/identity > >> vim jsonfasprovider.py > >> # Take a look at JsonFasIdentity > >> > >> -Toshio > > > > It look promising though I am not totally sure how it works. Let me see > > if I get this right. At the start of the proxied request (basically just > > a TG controller in my domain which is called via JSON) I create a > > JsonFasIdentity and supply it with the user, username and password using > > the tg.identity object or is that the JsonFasIdentity? It will then set > > the correct cookies for the next link. I make my next JSON call to a > > FAS2 enabled resource like Bodhi and Bodhi treats me as if I was logged > > in? Is this correct? Do I call logout on the JsonFasIdentity object? > > Can this stand up to being called 10 times per page load for each query > > I need to make? > > > > This is how jsonfasprovider works: > > 1) The user visits myfedora and enters a username/password to log in. > 2) The login request uses jsonfasprovider to authenticate the user > against fas. Fas allows the user and sends a cookie back to myfedora. > 3) myfedora (still via jsonfasprovider) sets the cookie on the user's > browser. > > This applies to myfedora because myfedora can use a similar method to > send the user's authentication token to Bodhi. You'll inherit from > BaseClient similar to what JsonFasIdentity does but targeted at Bodhi's > location instead of FAS (Call it BodhiClient, for now). > > 1) Logged in user accesses myfedora > 2) You instantiate a BodhiClient object. > 3) You set or have BodhiClient set _sessionCookie with the visit_key > (available from identity.current.visit_key) > 4) You call or have BodhiClient send_request() to retrieve your data. > (Remember to specify auth=True since the client needs to retrieve the > data for the authenticated user.) > 5) Operate on the data. > > So you are proxying the session cookie that the user sends to you to the > actual server that is providing the information. > > -Toshio Win!!! I'll try to get this working soon. Thanks. -- John (J5) Palmieri <johnp@xxxxxxxxxx> _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
