Ubuntu Wiki

Purpose

There is basically no documentation on how to set up plain old authentication in a Zope 3 instance. The purpose of this documentation is as a brief recipe for setting up simple authentication in Zope 3... presumably for use by zope 3 components that you develope.

Setting It Up

1. First thing first, log in as the manager into your zope instance, and go to the main screen of the ZMI (@@contents.html).

2. Then Click on Manage Site in the top bar. The root level of zope is a Site and therefore can contain all sorts of utilities for managing a site. It's possible to have more than one site in the same zope instance, each with a different version of authentication.

3. Click Visit Default Folder or click on default in the list of contents (it should be the only one there).

4. Next add a Pluggable Authentication Utility which you will see as an option on the left in the Add menu.

5. Put in something for the prefix. Since this is your first PAU on the instance, it doesn't really matter what you use for the prefix. The prefix serves to distinquish between users (actually called principals) managed by different PAUs. And add in something for the id, like PAU. Then click Add

6. Now click on Register.

7. I'm not sure what permissions does in this case, but I would set it to Public (at the top of the drop down list of permissions)

8. Next you will see a screen that shows the Prefix you put entered in earlier, along with a list of Credential Plugins and Authenticator Plugins. We have not created any Authenticator Plugins so don't worry about that yet. Select Zope Realm Basic Auth (a utility) and click on the ugly arrow button pointing to the right. This does something to the effect of making your Pluggable Authentication Utility us that Credentials Plugin. You can even add more, but I'm not sure what this does. Finally click Change

9. After this you want to add a Principal Folder (see the left and Add menu again).

10. As before enter in a prefix, and object name. Again, I'm not sure what the prefix should be. Then click add.

11. Now click Register.

12. Enter in something for Register As and set the permission to Public. Then click Add

13. At this point you can add as many Principal Information objects as you want. Each of these correspond to a "user". I won't go over adding them as it is really easy (username, password, title, description fields). You can always add more later too.

14. Now go up one level in the directory tree. If you look at the breadcrumbs, click on the link to the right of "default". It should show the name of the Pluggable Authentication Utility you created. Here I put it as PAU

15. You should see that screen with the list of credential and authenticator plugins. Whereas before the Authenticator Plugins list was empty, it should now have the Principal Folder we created. Click on that, then click on the right arrow. Then click Change.
16. You are now done actually setting up the authenticator. You can go back to the main @@contents.html page of your site. The next time you login, you should be able to enter in any of the usernames you added as Principal Information objects earlier and their associated password.