skip to navigation
skip to content 4.0.0

ZMI Views For Zope3 Security Components

This package provides ZMI browser views for Zope security components.

It used to provide a large part of security functionality for Zope 3, but it was factored out from this package to several little packages to reduce dependencies and improve reusability.

The functionality was splitted into these new packages:

  • zope.authentication - the IAuthentication interface and related utilities.
  • zope.principalregistry - the global principal registry and its zcml directives.
  • - the LocalPermission class that implements persistent permissions.

The rest of functionality that were provided by this package is merged into and zope.publisher.

Backward-compatibility imports are provided to ensure that older applications work. See CHANGES.txt for more info.

Detailed Documentation

The Query View for Authentication Utilities

A regular authentication service will not provide the ISourceQueriables interface, but it is a queriable itself, since it provides the simple getPrincipals(name) method:

>>> class Principal:
...     def __init__(self, id):
... = id
>>> class MyAuthUtility:
...     data = {'jim': Principal(42), 'don': Principal(0),
...             'stephan': Principal(1)}
...     def getPrincipals(self, name):
...         return [principal
...                 for id, principal in
...                 if name in id]

Now that we have our queriable, we create the view for it:

>>> from import AuthUtilitySearchView
>>> from zope.publisher.browser import TestRequest
>>> request = TestRequest()
>>> view = AuthUtilitySearchView(MyAuthUtility(), request)

This allows us to render a search form.

>>> print(view.render('test')) # doctest: +NORMALIZE_WHITESPACE
<div class="row">
<div class="label">
Search String
<div class="field">
<input type="text" name="test.searchstring" />
<div class="row">
<div class="field">
<input type="submit" name="" value="Search" />

If we ask for results:

>>> view.results('test')

We don’t get any, since we did not provide any. But if we give input:

>>> request.form['test.searchstring'] = 'n'

we still don’t get any:

>>> view.results('test')

because we did not press the button. So let’s press the button:

>>> request.form[''] = 'Search'

so that we now get results (!):

>>> ids = list(view.results('test'))
>>> ids.sort()
>>> ids
[0, 1]

Login/Logout Snippet

The class LoginLogout:

>>> from import LoginLogout

is used as a view to generate an HTML snippet suitable for logging in or logging out based on whether or not the current principal is authenticated.

When the current principal is unauthenticated, it provides IUnauthenticatedPrincipal:

>>> from zope.authentication.interfaces import IUnauthenticatedPrincipal
>>> from zope.principalregistry.principalregistry import UnauthenticatedPrincipal
>>> anonymous = UnauthenticatedPrincipal('anon', '', '')
>>> IUnauthenticatedPrincipal.providedBy(anonymous)

When LoginLogout is used for a request that has an unauthenticated principal, it provides the user with a link to ‘Login’:

>>> from zope.publisher.browser import TestRequest
>>> request = TestRequest()
>>> request.setPrincipal(anonymous)
>>> print(LoginLogout(None, request)())
<a href="@@login.html?nextURL=http%3A//">[Login]</a>

Attempting to login at this point will fail because nothing has authorized the principal yet:

>>> from import HTTPAuthenticationLogin
>>> login = HTTPAuthenticationLogin()
>>> login.request = request
>>> login.context = None
>>> login.failed = lambda: 'Login Failed'
>>> login.login()
'Login Failed'

There is a failsafe that will attempt to ask for HTTP Basic authentication:

>>> from import HTTPBasicAuthenticationLogin
>>> basic_login = HTTPBasicAuthenticationLogin()
>>> basic_login.request = request
>>> basic_login.failed = lambda: 'Basic Login Failed'
>>> basic_login.login()
'Basic Login Failed'
>>> request._response.getHeader('WWW-Authenticate', literal=True)
'basic realm="Zope"'
>>> request._response.getStatus()

Of course, an unauthorized principal is confirmed to be logged out:

>>> from import HTTPAuthenticationLogout
>>> logout = HTTPAuthenticationLogout(None, request)
>>> logout.logout(nextURL="bye.html")
>>> logout.confirmation = lambda: 'Good Bye'
>>> logout.logout()
'Good Bye'

Logout, however, behaves differently. Not all authentication protocols (i.e. credentials extractors/challengers) support ‘logout’. Furthermore, we don’t know how an admin may have configured Zope’s authentication. Our solution is to rely on the admin to tell us explicitly that the site supports logout.

By default, the LoginLogout snippet will not provide a logout link for an unauthenticated principal. To illustrate, we’ll first setup a request with an unauthenticated principal:

>>> from import IPrincipal
>>> from zope.interface import implementer
>>> @implementer(IPrincipal)
... class Bob:
...     id = 'bob'
...     title = description = ''
>>> bob = Bob()
>>> IUnauthenticatedPrincipal.providedBy(bob)
>>> request.setPrincipal(bob)

In this case, the default behavior is to return None for the snippet:

>>> print(LoginLogout(None, request)())

And at this time, login will correctly direct us to the next URL, or to the confirmation page:

>>> login = HTTPAuthenticationLogin()
>>> login.request = request
>>> login.context = None
>>> login.login(nextURL='good.html')
>>> login.confirmation = lambda: "You Passed"
>>> login.login()
'You Passed'

Likewise for HTTP Basic authentication:

>>> login = HTTPBasicAuthenticationLogin()
>>> login.request = request
>>> login.context = None
>>> login.confirmation = lambda: "You Passed"
>>> login.login()
'You Passed'

To show a logout prompt, an admin must register a marker adapter that provides the interface:

>>> from zope.authentication.interfaces import ILogoutSupported

This flags to LoginLogout that the site supports logout. There is a ‘no-op’ adapter that can be registered for this:

>>> from zope.authentication.logout import LogoutSupported
>>> from zope.component import provideAdapter
>>> provideAdapter(LogoutSupported, (None,), ILogoutSupported)

Now when we use LoginLogout with an unauthenticated principal, we get a logout prompt:

>>> print(LoginLogout(None, request)())
<a href="@@logout.html?nextURL=http%3A//">[Logout]</a>

And we can log this principal out, passing a URL to redirect to:

>>> logout = HTTPAuthenticationLogout(None, request)
>>> logout.redirect = lambda: 'You have been redirected.'
>>> logout.logout(nextURL="loggedout.html")
'You have been redirected.'


4.0.0 (2017-04-27)

  • Removed use of ‘zope.testing.doctestunit’ in favor of stdlib’s doctest.
  • Removed use of in favor of
  • Add support for PyPy, Python 3.4, 3.5 and 3.6.

3.7.5 (2010-01-08)

  • Move ‘zope.ManageApplication’ permission to
  • Fix tests using a newer zope.publisher that requires zope.login.

3.7.3 (2009-11-29)

  • provide a clean zope setup and move to a test dependency
  • removed unused dependencies like ZODB3 etc. from install_requires

3.7.2 (2009-09-10)

  • Added data attribute to ‘_protections.zcml’ for PersistentList and PersistentDict to accomodate UserList and UserDict behavior when they are proxied.

3.7.1 (2009-08-15)

  • Changed globalmodules.zcml to avoid making declarations for deprecated standard modules, to avoid deprecation warnings.

    Note that globalmodules.zcml should be avoided. It’s better to make declarations for only what you actually need to use.

3.7.0 (2009-03-14)

  • All interfaces, as well as some authentication-related helper classes and functions (checkPrincipal, PrincipalSource, PrincipalTerms, etc.) were moved into the new zope.authentication package. Backward-compatibility imports are provided.
  • The “global principal registry” along with its zcml directives was moved into new “zope.principalregistry” package. Backward-compatibility imports are provided.
  • The IPrincipal -> zope.publisher.interfaces.logginginfo.ILoggingInfo adapter was moved to zope.publisher. Backward-compatibility import is provided.
  • The PermissionsVocabulary and PermissionIdsVocabulary has been moved to the package. Backward-compatibility imports are provided.
  • The registration of the “zope.Public” permission as well as some other common permissions, like “zope.View” have been moved to Its configure.zcml is now included by this package.
  • The “protect” function is now a no-op and is not needed anymore, because now knows about i18n messages and __name__ and __parent__ attributes and won’t protect them by default.
  • The addCheckerPublic was moved from to Backward-compatibility import is provided.
  • The LocalPermission class is now moved to new package. This package now only has backward-compatibility imports and zcml includes.
  • Cleanup dependencies after refactorings. Also, don’t depend on for tests anymore.
  • Update package’s description to point about refactorings done.

3.6.2 (2009-03-10)

  • The Allow, Deny and Unset permission settings was preferred to be imported from zope.securitypolicy.interfaces for a long time and now they are completely moved there from as well as the PermissionSetting class. The only thing left for backward compatibility is the import of Allow/Unset/Deny constants if zope.securitypolicy is installed to allow unpickling of security settings.

3.6.1 (2009-03-09)

  • Depend on new zope.password package instead of to get password managers for the authentication utility, thus remove dependency on
  • Use template for AuthUtilitySearchView instead of ugly HTML constructing in the python code.
  • Bug: The sha and md5 modules has been deprecated in Python 2.6. Whenever the ZCML of this package was included when using Python 2.6, a deprecation warning had been raised stating that md5 and sha have been deprecated. Provided a simple condition to check whether Python 2.6 or later is installed by checking for the presense of json module thas was added only in Python 2.6 and thus optionally load the security declaration for md5 and sha.
  • Remove deprecated code, thus removing explicit dependency on zope.deprecation and zope.deferredimport.
  • Cleanup code a bit, replace old __used_for__ statements by adapts calls.

3.6.0 (2009-01-31)

  • Changed mailing list address to zope-dev at, because zope3-dev is retired now. Changed “cheeseshop” to “pypi” in the package homepage.
  • Moved the protectclass module to leaving only a compatibility module here that imports from the new location.
  • Moved the <module> directive implementation to
  • Use zope.container instead of;.

3.5.3 (2008-12-11)

  • use zope.browser.interfaces.ITerms instead of

3.5.2 (2008-07-31)

  • Bug: It turned out that checking for regex was not much better of an idea, since it causes deprecation warnings in Python 2.4. Thus let’s look for a library that was added in Python 2.5.

3.5.1 (2008-06-24)

  • Bug: The gopherlib module has been deprecated in Python 2.5. Whenever the ZCML of this package was included when using Python 2.5, a deprecation warning had been raised stating that gopherlib has been deprecated. Provided a simple condition to check whether Python 2.5 or later is installed by checking for the deleted regex module and thus optionally load the security declaration for gopherlib.

3.5.0 (2008-02-05)

  • Feature: returns when its id is used for the search key.

3.4.0 (2007-10-27)

  • Initial release independent of the main Zope tree.
File Type Py Version Uploaded on Size (md5) Python Wheel py2.py3 2017-04-27 48KB (md5) Source 2017-04-27 29KB