<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>FASWho Plugin — python-fedora v0.3.25.1 documentation</title>
<link rel="stylesheet" href="_static/default.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: '',
VERSION: '0.3.25.1',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<link rel="search" type="application/opensearchdescription+xml"
title="Search within python-fedora v0.3.25.1 documentation"
href="_static/opensearch.xml"/>
<link rel="top" title="python-fedora v0.3.25.1 documentation" href="index.html" />
<link rel="up" title="Authentication to FAS" href="auth.html" />
<link rel="next" title="JavaScript" href="javascript.html" />
<link rel="prev" title="Fedora Django Authentication Backend" href="django.html" />
</head>
<body>
<div class="related">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="right" >
<a href="javascript.html" title="JavaScript"
accesskey="N">next</a> |</li>
<li class="right" >
<a href="django.html" title="Fedora Django Authentication Backend"
accesskey="P">previous</a> |</li>
<li><a href="index.html">python-fedora v0.3.25.1 documentation</a> »</li>
<li><a href="auth.html" accesskey="U">Authentication to FAS</a> »</li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body">
<div class="section" id="faswho-plugin">
<h1>FASWho Plugin<a class="headerlink" href="#faswho-plugin" title="Permalink to this headline">¶</a></h1>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field"><th class="field-name">Authors:</th><td class="field-body">Luke Macken
Toshio Kuratomi</td>
</tr>
<tr class="field"><th class="field-name">Date:</th><td class="field-body">3 September 2011</td>
</tr>
</tbody>
</table>
<p>This plugin provides authentication to the Fedora Account System using the
<cite>repoze.who</cite> WSGI middleware. It is designed for use with <a class="reference internal" href="glossary.html#term-turbogears2"><em class="xref std std-term">TurboGears2</em></a>
but it may be used with any <cite>repoze.who</cite> using application. Like
<a class="reference internal" href="auth.html#jsonfas2"><em>TurboGears Identity Provider 2</em></a>, faswho has builtin <a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a> protection. This protection
is implemented as a second piece of middleware and may be used with other
<cite>repoze.who</cite> authentication schemes.</p>
<div class="section" id="authenticating-against-fas-with-turbogears2">
<h2>Authenticating against FAS with TurboGears2<a class="headerlink" href="#authenticating-against-fas-with-turbogears2" title="Permalink to this headline">¶</a></h2>
<p>Setting up authentication against FAS in <a class="reference internal" href="glossary.html#term-turbogears2"><em class="xref std std-term">TurboGears2</em></a> is very easy. It
requires one change to be made to <tt class="file docutils literal"><span class="pre">app/config/app_cfg.py</span></tt>. This change
will take care of registering faswho as the authentication provider, enabling
<a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a> protection, switching <tt class="xref py py-func docutils literal"><span class="pre">tg.url()</span></tt> to use
<tt class="xref py py-func docutils literal"><span class="pre">fedora.ta2g.utils.url()</span></tt> instead, and allowing the <cite>_csrf_token</cite>
parameter to be given to any URL.</p>
<dl class="function">
<dt id="fedora.tg2.utils.add_fas_auth_middleware">
<tt class="descclassname">fedora.tg2.utils.</tt><tt class="descname">add_fas_auth_middleware</tt><big>(</big><em>self</em>, <em>app</em>, <em>*args</em><big>)</big><a class="headerlink" href="#fedora.tg2.utils.add_fas_auth_middleware" title="Permalink to this definition">¶</a></dt>
<dd><p>Add our FAS authentication middleware.</p>
<p>This is a convenience method that sets up the FAS authentication
middleware. It needs to be used in <tt class="file docutils literal"><span class="pre">app/config/app_cfg.py</span></tt> like
this:</p>
<div class="highlight-diff"><div class="highlight"><pre> from myapp import model
from myapp.lib import app_globals, helpers.
<span class="gd">-base_config = AppConfig()</span>
<span class="gi">+from fedora.tg.tg2utils import add_fas_auth_middleware</span>
<span class="gi">+</span>
<span class="gi">+class MyAppConfig(AppConfig):</span>
<span class="gi">+ add_auth_middleware = add_fas_auth_middleware</span>
<span class="gi">+</span>
<span class="gi">+base_config = MyAppConfig()</span>
<span class="gi">+</span>
base_config.renderers = []
base_config.package = myapp
</pre></div>
</div>
<p>The configuration of the faswho middleware is done via attributes on
MyAppConfig. For instance, to change the base url for the FAS server to
be authenticated against, set the connection to insecure for testing, and
the url of the login form, do this:</p>
<div class="highlight-python"><div class="highlight"><pre><span class="kn">from</span> <span class="nn">bunch</span> <span class="kn">import</span> <span class="n">Bunch</span>
<span class="k">class</span> <span class="nc">MyAppConfig</span><span class="p">(</span><span class="n">AppConfig</span><span class="p">):</span>
<span class="n">fas_auth</span> <span class="o">=</span> <span class="n">Bunch</span><span class="p">(</span>
<span class="n">fas_url</span><span class="o">=</span><span class="s">'https://fakefas.fedoraproject.org/accounts'</span><span class="p">,</span>
<span class="n">insecure</span><span class="o">=</span><span class="bp">True</span><span class="p">,</span> <span class="n">login_form_url</span><span class="o">=</span><span class="s">'/alternate/login'</span><span class="p">)</span>
<span class="n">add_auth_middleware</span> <span class="o">=</span> <span class="n">add_fas_auth_middleware</span>
</pre></div>
</div>
<p>The complete set of values that can be set in <tt class="xref py py-attr docutils literal"><span class="pre">fas_auth</span></tt> is the same
as the parameters that can be passed to
<a class="reference internal" href="#fedora.wsgi.faswho.faswhoplugin.make_faswho_middleware" title="fedora.wsgi.faswho.faswhoplugin.make_faswho_middleware"><tt class="xref py py-func docutils literal"><span class="pre">fedora.wsgi.faswho.faswhoplugin.make_faswho_middleware()</span></tt></a></p>
</dd></dl>
<dl class="function">
<dt id="fedora.wsgi.faswho.faswhoplugin.make_faswho_middleware">
<tt class="descclassname">fedora.wsgi.faswho.faswhoplugin.</tt><tt class="descname">make_faswho_middleware</tt><big>(</big><em>app</em>, <em>log_stream=None</em>, <em>login_handler='/login_handler'</em>, <em>login_form_url='/login'</em>, <em>logout_handler='/logout_handler'</em>, <em>post_login_url='/post_login'</em>, <em>post_logout_url=None</em>, <em>fas_url='https://admin.fedoraproject.org/accounts/'</em>, <em>insecure=False</em><big>)</big><a class="headerlink" href="#fedora.wsgi.faswho.faswhoplugin.make_faswho_middleware" title="Permalink to this definition">¶</a></dt>
<dd><table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field"><th class="field-name">App :</th><td class="field-body">WSGI app that is being wrapped</td>
</tr>
<tr class="field"><th class="field-name">Log_stream :</th><td class="field-body"><tt class="xref py py-class docutils literal"><span class="pre">logging.Logger</span></tt> to log auth messages</td>
</tr>
<tr class="field"><th class="field-name">Login_handler :</th><td class="field-body">URL where the login form is submitted</td>
</tr>
<tr class="field"><th class="field-name" colspan="2">Login_form_url :</th></tr>
<tr><td> </td><td class="field-body">URL where the login form is displayed</td>
</tr>
<tr class="field"><th class="field-name" colspan="2">Logout_handler :</th></tr>
<tr><td> </td><td class="field-body">URL where the logout form is submitted</td>
</tr>
<tr class="field"><th class="field-name" colspan="2">Post_login_url :</th></tr>
<tr><td> </td><td class="field-body">URL to redirect the user to after login</td>
</tr>
<tr class="field"><th class="field-name" colspan="2">Post_logout_url :</th></tr>
<tr><td> </td><td class="field-body">URL to redirect the user to after logout</td>
</tr>
<tr class="field"><th class="field-name">Fas_url :</th><td class="field-body">Base URL to the FAS server</td>
</tr>
<tr class="field"><th class="field-name">Insecure :</th><td class="field-body">Allow connecting to a fas server without checking the server’s
SSL certificate. Opens you up to MITM attacks but can be useful
when testing. <em>Do not enable this in production</em></td>
</tr>
</tbody>
</table>
</dd></dl>
</div>
<div class="section" id="using-csrf-middleware-with-other-auth-methods">
<h2>Using CSRF middleware with other Auth Methods<a class="headerlink" href="#using-csrf-middleware-with-other-auth-methods" title="Permalink to this headline">¶</a></h2>
<p>This section needs to be made clearer so that apps like mirrormanager can be
ported to use this.</p>
<span class="target" id="module-fedora.wsgi.csrf"></span><p>Cross-site Request Forgery Protection.</p>
<p><a class="reference external" href="http://en.wikipedia.org/wiki/Cross-site_request_forgery">http://en.wikipedia.org/wiki/Cross-site_request_forgery</a></p>
<p><em>Module author: John (J5) Palmieri <<a class="reference external" href="mailto:johnp%40redhat.com">johnp<span>@</span>redhat<span>.</span>com</a>></em></p>
<p><em>Module author: Luke Macken <<a class="reference external" href="mailto:lmacken%40redhat.com">lmacken<span>@</span>redhat<span>.</span>com</a>></em></p>
<p class="versionadded">
<span class="versionmodified">New in version 0.3.17.</span></p>
<dl class="class">
<dt id="fedora.wsgi.csrf.CSRFProtectionMiddleware">
<em class="property">class </em><tt class="descclassname">fedora.wsgi.csrf.</tt><tt class="descname">CSRFProtectionMiddleware</tt><big>(</big><em>application</em>, <em>csrf_token_id='_csrf_token'</em>, <em>clear_env='repoze.who.identity repoze.what.credentials'</em>, <em>token_env='CSRF_TOKEN'</em>, <em>auth_state='CSRF_AUTH_STATE'</em><big>)</big><a class="headerlink" href="#fedora.wsgi.csrf.CSRFProtectionMiddleware" title="Permalink to this definition">¶</a></dt>
<dd><p>CSRF Protection WSGI Middleware.</p>
<p>A layer of WSGI middleware that is responsible for making sure authenticated
requests originated from the user inside of the app’s domain
and not a malicious website.</p>
<p>This middleware works with the <tt class="xref py py-mod docutils literal"><span class="pre">repoze.who</span></tt> middleware, and requires
that it is placed below <tt class="xref py py-mod docutils literal"><span class="pre">repoze.who</span></tt> in the WSGI stack,
since it relies upon <tt class="docutils literal"><span class="pre">repoze.who.identity</span></tt> to exist in the environ before
it is called.</p>
<p>To utilize this middleware, you can just add it to your WSGI stack below
the <tt class="xref py py-mod docutils literal"><span class="pre">repoze.who</span></tt> middleware. Here is an example of utilizing the
<cite>CSRFProtectionMiddleware</cite> within a TurboGears2 application.
In your <tt class="docutils literal"><span class="pre">project/config/middleware.py</span></tt>, you would wrap your main
application with the <cite>CSRFProtectionMiddleware</cite>, like so:</p>
<div class="highlight-python"><div class="highlight"><pre><span class="kn">from</span> <span class="nn">fedora.wsgi.csrf</span> <span class="kn">import</span> <span class="n">CSRFProtectionMiddleware</span>
<span class="k">def</span> <span class="nf">make_app</span><span class="p">(</span><span class="n">global_conf</span><span class="p">,</span> <span class="n">full_stack</span><span class="o">=</span><span class="bp">True</span><span class="p">,</span> <span class="o">**</span><span class="n">app_conf</span><span class="p">):</span>
<span class="n">app</span> <span class="o">=</span> <span class="n">make_base_app</span><span class="p">(</span><span class="n">global_conf</span><span class="p">,</span> <span class="n">wrap_app</span><span class="o">=</span><span class="n">CSRFProtectionMiddleware</span><span class="p">,</span>
<span class="n">full_stack</span><span class="o">=</span><span class="n">full_stack</span><span class="p">,</span> <span class="o">**</span><span class="n">app_conf</span><span class="p">)</span>
</pre></div>
</div>
<p>You then need to add the CSRF token to every url that you need to be
authenticated for. When used with TurboGears2, an overridden version of
<tt class="xref py py-func docutils literal"><span class="pre">tg.url()</span></tt> is provided. You can use it directly by calling:</p>
<div class="highlight-python"><div class="highlight"><pre><span class="kn">from</span> <span class="nn">fedora.tg.tg2utils</span> <span class="kn">import</span> <span class="n">url</span>
<span class="p">[</span><span class="o">...</span><span class="p">]</span>
<span class="n">url</span> <span class="o">=</span> <span class="n">url</span><span class="p">(</span><span class="s">'/authentication_needed'</span><span class="p">)</span>
</pre></div>
</div>
<p>An easier and more portable way to use that is from within TG2 to set this
up is to use <tt class="xref py py-func docutils literal"><span class="pre">fedora.tg.tg2utils.enable_csrf()</span></tt> when you setup your
application. This function will monkeypatch TurboGears2’s <tt class="xref py py-func docutils literal"><span class="pre">tg.url()</span></tt>
so that it adds a csrf token to urls. This way, you can keep the same
code in your templates and controller methods whether or not you configure
the CSRF middleware to provide you with protection via
<tt class="xref py py-func docutils literal"><span class="pre">enable_csrf()</span></tt>.</p>
</dd></dl>
<dl class="class">
<dt id="fedora.wsgi.csrf.CSRFMetadataProvider">
<em class="property">class </em><tt class="descclassname">fedora.wsgi.csrf.</tt><tt class="descname">CSRFMetadataProvider</tt><big>(</big><em>csrf_token_id='_csrf_token'</em>, <em>session_cookie='tg-visit'</em>, <em>clear_env='repoze.who.identity repoze.what.credentials'</em>, <em>login_handler='/post_login'</em>, <em>token_env='CSRF_TOKEN'</em>, <em>auth_session_id='CSRF_AUTH_SESSION_ID'</em>, <em>auth_state='CSRF_AUTH_STATE'</em><big>)</big><a class="headerlink" href="#fedora.wsgi.csrf.CSRFMetadataProvider" title="Permalink to this definition">¶</a></dt>
<dd><p>Repoze.who CSRF Metadata Provider Plugin.</p>
<p>This metadata provider is called with an authenticated users identity
automatically by repoze.who. It will then take the SHA1 hash of the
users session cookie, and set it as the CSRF token in
<tt class="docutils literal"><span class="pre">environ['repoze.who.identity']['_csrf_token']</span></tt>.</p>
<p>This plugin will also set <tt class="docutils literal"><span class="pre">CSRF_AUTH_STATE</span></tt> in the environ if the user
has just authenticated during this request.</p>
<p>To enable this plugin in a TurboGears2 application, you can
add the following to your <tt class="docutils literal"><span class="pre">project/config/app_cfg.py</span></tt></p>
<div class="highlight-python"><div class="highlight"><pre><span class="kn">from</span> <span class="nn">fedora.wsgi.csrf</span> <span class="kn">import</span> <span class="n">CSRFMetadataProvider</span>
<span class="n">base_config</span><span class="o">.</span><span class="n">sa_auth</span><span class="o">.</span><span class="n">mdproviders</span> <span class="o">=</span> <span class="p">[(</span><span class="s">'csrfmd'</span><span class="p">,</span> <span class="n">CSRFMetadataProvider</span><span class="p">())]</span>
</pre></div>
</div>
<p>Note: If you use the faswho plugin, this is turned on automatically.</p>
</dd></dl>
</div>
<div class="section" id="templates">
<h2>Templates<a class="headerlink" href="#templates" title="Permalink to this headline">¶</a></h2>
<p>The <tt class="xref py py-mod docutils literal"><span class="pre">fedora.tg2.utils</span></tt> module contains some templates to help you
write <a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a> aware login forms and buttons. You can use the
<a class="reference internal" href="#fedora.tg2.utils.fedora_template" title="fedora.tg2.utils.fedora_template"><tt class="xref py py-func docutils literal"><span class="pre">fedora_template()</span></tt></a> function to integrate them into your
templates:</p>
<dl class="function">
<dt id="fedora.tg2.utils.fedora_template">
<tt class="descclassname">fedora.tg2.utils.</tt><tt class="descname">fedora_template</tt><big>(</big><em>template</em>, <em>template_type='mako'</em>, <em>dotted_lookup=True</em><big>)</big><a class="headerlink" href="#fedora.tg2.utils.fedora_template" title="Permalink to this definition">¶</a></dt>
<dd><p>Function to return the path to a template.</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
<li><strong>template</strong> – filename of the template itself. Ex: login.mak</li>
<li><strong>template_type</strong> – template language we need the template written in
Defaults to ‘mako’</li>
<li><strong>dotted_lookup</strong> – if True, return the resource as a dotted module path
If False, return the resource as a filename. Default: True</li>
</ul>
</td>
</tr>
<tr class="field"><th class="field-name">Returns:</th><td class="field-body"><p class="first last">filesystem path or dotted module path equivalent to the template</p>
</td>
</tr>
</tbody>
</table>
<p class="versionchanged">
<span class="versionmodified">Changed in version 0.3.25: </span>Added dotted_lookup
Made this work with tg2</p>
</dd></dl>
<p>The templates themselves are:</p>
<span class="target" id="module-fedora.tg2.templates.mako"></span><p>Mako version of templates to make adding certain Fedora widgets easier.</p>
<div class="section" id="module-login">
<span id="login-mak"></span><h3><tt class="xref py py-mod docutils literal"><span class="pre">login.mak</span></tt><a class="headerlink" href="#module-login" title="Permalink to this headline">¶</a></h3>
<p><em>Module author: Toshio Kuratomi <<a class="reference external" href="mailto:tkuratom%40redhat.com">tkuratom<span>@</span>redhat<span>.</span>com</a>></em></p>
<p class="versionadded">
<span class="versionmodified">New in version 0.3.25.</span></p>
<p>Include this using:</p>
<div class="highlight-python"><pre><%namespace name="fedora" file="${context['fedora_template']('login.mak')}" /></pre>
</div>
<dl class="function">
<dt id="login.loginform">
<tt class="descclassname">login.</tt><tt class="descname">loginform</tt><big>(</big><em>message=''</em><big>)</big><a class="headerlink" href="#login.loginform" title="Permalink to this definition">¶</a></dt>
<dd></dd></dl>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field"><th class="field-name">kwarg message:</th><td class="field-body">Any text or elements contained by the <loginform> tag will be shown
as a message to the user. This is generally used to show status of the
last login attempt (“Please provide your credentials”, “Supplied
credentials were not correct”, etc)</td>
</tr>
</tbody>
</table>
<p>A function for generating the main login form. This is a <a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a>
token-aware login form that will prompt for username and password when no
session identity is present and ask the user to click a link if they merely
lack a token.</p>
<p>Typical usage, given the above import of the <tt class="file docutils literal"><span class="pre">login.mak</span></tt> template would
be:</p>
<div class="highlight-python"><pre>${fedora.loginform()}</pre>
</div>
<dl class="function">
<dt id="login.logintoolitem">
<tt class="descclassname">login.</tt><tt class="descname">logintoolitem</tt><big>(</big><em>href=None</em><big>)</big><a class="headerlink" href="#login.logintoolitem" title="Permalink to this definition">¶</a></dt>
<dd></dd></dl>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field"><th class="field-name">kwarg href:</th><td class="field-body">If an href is given, when a user is logged in, their username or
display_name will be a link to the URL.</td>
</tr>
</tbody>
</table>
<p>This function creates an entry into a toolbar for logging into a web app.
The entry will contain the user’s username and a logout button if the user is
logged in, a verify login button if the user has a session cookie but not
a <a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a> token, or a login button if the user doesn’t have a session
cookie.</p>
<p>Typical usage looks like this:</p>
<div class="highlight-python"><pre><ul class="toolbar" id="#main-toolbar">
${fedora.logintoolitem(href=tg.url('/users/info'))}
</ul></pre>
</div>
</div>
<div class="section" id="module-jsglobals">
<span id="jsglobals-mak"></span><h3><tt class="xref py py-mod docutils literal"><span class="pre">jsglobals.mak</span></tt><a class="headerlink" href="#module-jsglobals" title="Permalink to this headline">¶</a></h3>
<p><em>Module author: Toshio Kuratomi <<a class="reference external" href="mailto:tkuratom%40redhat.com">tkuratom<span>@</span>redhat<span>.</span>com</a>></em></p>
<p class="versionadded">
<span class="versionmodified">New in version 0.3.25.</span></p>
<p>Include this using:</p>
<div class="highlight-python"><pre><%namespace name="jsglobals" file="${context['fedora_template']('jsglobals.mak')}" /></pre>
</div>
<dl class="function">
<dt id="jsglobals.jsglobals">
<tt class="descclassname">jsglobals.</tt><tt class="descname">jsglobals</tt><big>(</big><big>)</big><a class="headerlink" href="#jsglobals.jsglobals" title="Permalink to this definition">¶</a></dt>
<dd></dd></dl>
<p>A function to add global variables to a page. Typically, you’d include
this in your <tt class="file docutils literal"><span class="pre">master.mak</span></tt> template and let the javascript variables
defined there propogate to every page on your site (since they all should
inherit from <tt class="file docutils literal"><span class="pre">master.mak</span></tt>). This adds the following variables in the
fedora namespace for other scripts to access:</p>
<blockquote>
<div><table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field"><th class="field-name">fedora.baseurl:</th><td class="field-body">URL fragment to prepend to any calls to the application.
In a <a class="reference internal" href="glossary.html#term-turbogears"><em class="xref std std-term">TurboGears</em></a> application, this is the scheme, host, and
server.webpath. Example: <a class="reference external" href="https://admin.fedoraproject.org/pkgdb/">https://admin.fedoraproject.org/pkgdb/</a>.
This may be a relative link.</td>
</tr>
<tr class="field"><th class="field-name" colspan="2">fedora.identity.anonymous:</th></tr>
<tr><td> </td><td class="field-body">If <tt class="docutils literal"><span class="pre">true</span></tt>, there will be no other variables
in the <cite>fedora.identity</cite> namespace. If <tt class="docutils literal"><span class="pre">false</span></tt>, these variables are
defined:</td>
</tr>
<tr class="field"><th class="field-name" colspan="2">fedora.identity.userid:</th></tr>
<tr><td> </td><td class="field-body">Numeric, unique identifier for the user</td>
</tr>
<tr class="field"><th class="field-name" colspan="2">fedora.identity.username:</th></tr>
<tr><td> </td><td class="field-body">Publically visible unique identifier for the
user</td>
</tr>
<tr class="field"><th class="field-name" colspan="2">fedora.identity.display_name:</th></tr>
<tr><td> </td><td class="field-body">Common human name for the user</td>
</tr>
<tr class="field"><th class="field-name" colspan="2">fedora.identity.token:</th></tr>
<tr><td> </td><td class="field-body">csrf token for this user’s session to be added to
urls that query the server.</td>
</tr>
</tbody>
</table>
</div></blockquote>
<p>Typical usage would be:</p>
<div class="highlight-python"><pre>${jsglobals.jsglobals()}</pre>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="sphinxsidebar">
<div class="sphinxsidebarwrapper">
<h3><a href="index.html">Table Of Contents</a></h3>
<ul>
<li><a class="reference internal" href="#">FASWho Plugin</a><ul>
<li><a class="reference internal" href="#authenticating-against-fas-with-turbogears2">Authenticating against FAS with TurboGears2</a></li>
<li><a class="reference internal" href="#using-csrf-middleware-with-other-auth-methods">Using CSRF middleware with other Auth Methods</a></li>
<li><a class="reference internal" href="#templates">Templates</a><ul>
<li><a class="reference internal" href="#module-login"><tt class="docutils literal"><span class="pre">login.mak</span></tt></a></li>
<li><a class="reference internal" href="#module-jsglobals"><tt class="docutils literal"><span class="pre">jsglobals.mak</span></tt></a></li>
</ul>
</li>
</ul>
</li>
</ul>
<h4>Previous topic</h4>
<p class="topless"><a href="django.html"
title="previous chapter">Fedora Django Authentication Backend</a></p>
<h4>Next topic</h4>
<p class="topless"><a href="javascript.html"
title="next chapter">JavaScript</a></p>
<h3>This Page</h3>
<ul class="this-page-menu">
<li><a href="_sources/faswho.txt"
rel="nofollow">Show Source</a></li>
</ul>
<div id="searchbox" style="display: none">
<h3>Quick search</h3>
<form class="search" action="search.html" method="get">
<input type="text" name="q" size="18" />
<input type="submit" value="Go" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
<p class="searchtip" style="font-size: 90%">
Enter search terms or a module, class or function name.
</p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
>index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="right" >
<a href="javascript.html" title="JavaScript"
>next</a> |</li>
<li class="right" >
<a href="django.html" title="Fedora Django Authentication Backend"
>previous</a> |</li>
<li><a href="index.html">python-fedora v0.3.25.1 documentation</a> »</li>
<li><a href="auth.html" >Authentication to FAS</a> »</li>
</ul>
</div>
<div class="footer">
© Copyright 2007-2011 Red Hat, Inc..
Last updated on Nov 02, 2011.
Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.0.7.
</div>
</body>
</html>
distrib
>
Fedora
>
14
>
x86_64
>
media
>
updates
>
by-pkgid
>
762e4b4e451f9de4722602c03fda2c9b
>
files
>
221
