https://github.com/redturtle/products.autorolefromhostheader
Plone PAS plugin for adding roles (or groups) to anonymous or logged-in visitors looking for HTTP Headers
https://github.com/redturtle/products.autorolefromhostheader
Last synced: 11 months ago
JSON representation
Plone PAS plugin for adding roles (or groups) to anonymous or logged-in visitors looking for HTTP Headers
- Host: GitHub
- URL: https://github.com/redturtle/products.autorolefromhostheader
- Owner: RedTurtle
- Created: 2013-08-05T09:57:23.000Z (almost 13 years ago)
- Default Branch: master
- Last Pushed: 2025-01-08T09:48:29.000Z (over 1 year ago)
- Last Synced: 2025-05-06T23:24:37.513Z (about 1 year ago)
- Language: Python
- Homepage: http://plone.org/products/autorolefromhostheader
- Size: 61.5 KB
- Stars: 1
- Watchers: 8
- Forks: 4
- Open Issues: 3
-
Metadata Files:
- Readme: README.rst
Awesome Lists containing this project
README
Add **roles** or **groups** to anonymous or logged-in visitors based on **HTTP headers**
.. contents:: **Table of contents**
Introduction
============
The AutoRoleFromHostHeader PAS plugin allows to assign roles to users looking
at HTTP headers.
There is an extraction and authentication plugin included, to enable
additional roles for anonymous users. They are required since PAS does
not support roles (or properties or groups) for anonymous users.
You can disable these interfaces if only logged-in users should get
additional roles.
AutoRoleFromHostHeader furthermore provides a groups plugin interface,
allowing you to assign groups instead of roles.
Configuration
=============
The plugin is configured by editing the ``Header name; regexp; roles/groups``
property on the plugin's properties screen (through ZMI).
Each line represents a mapping from an header value (using a regexp match) to
one or more roles. The format is as follows::
http_header_name; regular expression; role[, role ...] ; TALES
The (optional) TALES allows arbitrary expressions to be added to role mappings,
for example to check other HTTP headers::
...;python:request.getHeader('MY-SPECIAL-HEADER')=='somevalue'
Assign groups, not roles
------------------------
This plugin can be used to assign groups instead of roles if used as a
*group plugin* instead of a role plugin::
http_header_name; regular expression; group[, group ...] ; TALES
Groups plugin is not activated by default.
Caveat
======
If you have AutoRoleFromHostHeader configured for anonymous users and come
from a network matching one of its rules, you will **not** be able to log in
with an account from a higher-up user folder. This is because AutoRole
authenticates the Anonymous User which stops the lookup process.
Dependencies
============
Tested with all Plone versions from 4.0 to 4.3.
Credits
=======
Developed with the support of:
* `Azienda USL Ferrara`__
.. image:: http://www.ausl.fe.it/logo_ausl.gif
:alt: Azienda USL's logo
* `Regione Emilia Romagna`__
All of them supports the `PloneGov initiative`__.
__ http://www.ausl.fe.it/
__ http://www.regione.emilia-romagna.it/
__ http://www.plonegov.it/
Authors
=======
* This product was developed by RedTurtle Technology team.
.. image:: http://www.redturtle.it/redturtle_banner.png
:alt: RedTurtle Technology Site
:target: http://www.redturtle.it/
* AutoRoleFromHostHeader is not an original idea but is taken from the work
made by *Jarn company* for the `AutoRole`__ plugin.
* Special thanks to *Mauro Amico* (mamico) for giving us the main direction.
* *Matthew Wilkes* (MatthewWilkes) contributed adding the conditional
expression.
__ http://pypi.python.org/pypi/Products.AutoRole