repozewho1authenticationpolicy

When this directive is used, authentication information is obtained from a repoze.who.identity key in the WSGI environment, assumed to be set by repoze.who middleware.

Attributes

identifier_name

The identifier_name controls the name used to look up the repoze.who “identifier” plugin within request.environ['repoze.who.plugins'] which is used by this policy to “remember” and “forget” credentials. It defaults to auth_tkt.

callback

The callback is a Python dotted name to a function passed the repoze.who identity and the request as positional arguments. The callback is expected to return None if the user represented by the identity doesn’t exist or a sequence of group identifiers (possibly empty) if the user does exist. If callback is None, the userid will be assumed to exist with no groups. It defaults to None.

Example

<repozewho1authenticationpolicy
 identifier_name="auth_tkt"
 callback=".somemodule.somefunc"
 />

Alternatives

You may create an instance of the pyramid.authentication.RepozeWho1AuthenticationPolicy and pass it to the pyramid.config.Configurator constructor as the authentication_policy argument during initial application configuration.

See Also

See also Built-In Authentication Policy ZCML Directives and pyramid.authentication.RepozeWho1AuthenticationPolicy.