Products.AutoRoleFromHostHeader


Plone PAS plugin for adding roles (or groups) to anonymous or logged-in visitors based on HTTP headers.

  • 1.0.1
  • PyPI

Maintainers: 5

Add roles or groups to anonymous or logged-in visitors based on HTTP headers

.. contents:: Table of contents

Introduction

The AutoRoleFromHostHeader PAS plugin lets you assign roles to users based on HTTP headers.

There is an extraction and authentication plugin included, to enable additional roles for anonymous users. They are required since PAS does not support roles (or properties or groups) for anonymous users. You can disable these interfaces if only logged-in users should get additional roles.

AutoRoleFromHostHeader furthermore provides a groups plugin interface, allowing you to assign groups instead of roles.

Configuration

The plugin is configured by editing the ``Header name; regexp; roles/groups`` property on the plugin's properties screen (through the ZMI). Each line represents a mapping from a header value (using a regexp match) to one or more roles. The format is as follows::

    http_header_name; regular expression; role[, role ...] ; TALES

The (optional) TALES allows arbitrary expressions to be added to role mappings, for example to check other HTTP headers::

    ...;python:request.getHeader('MY-SPECIAL-HEADER')=='somevalue'
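
The mapping format above, as an added example that is not the plugin's own code: a small Python parser and matcher for these lines (group lines use the same layout). It assumes ``re.match`` semantics for the "regexp match", delegates the TALES condition to a hypothetical ``condition`` callable, and uses constructed header names, patterns and values.

```python
import re


def parse_mapping(line):
    """Split 'header; regexp; name[, name ...] ; TALES' into its fields."""
    # maxsplit=3 keeps any ';' inside the optional TALES expression intact.
    parts = [p.strip() for p in line.split(";", 3)]
    if len(parts) < 3 or not all(parts[:3]):
        raise ValueError("expected 'header; regexp; role[, role ...]': %r" % line)
    names = [n.strip() for n in parts[2].split(",") if n.strip()]
    if not names:
        raise ValueError("no role or group named in %r" % line)
    tales = parts[3] if len(parts) == 4 and parts[3] else None
    return parts[0], re.compile(parts[1]), names, tales  # re.error on a bad regexp


def names_for(headers, lines, condition=lambda expr, headers: False):
    """Return the roles/groups granted for one request's headers.

    ASSUMPTIONS: 're.match' stands in for the plugin's "regexp match", and
    'condition' is a hypothetical stand-in for Zope's TALES engine. By
    default a mapping with a TALES condition grants nothing (fail closed).
    """
    granted = set()
    for line in lines:
        header, regexp, names, tales = parse_mapping(line)
        value = headers.get(header)
        if value is None:  # configured header absent: skip, do not fail
            continue
        if tales is not None and not condition(tales, headers):
            continue
        if regexp.match(value):
            granted.update(names)
    return granted


# Constructed configuration lines and header values (not from the package).
LOOSE = [r"X-Forwarded-For; 10\.0\.0\.; Member, Reviewer"]
STRICT = [r"X-Forwarded-For; 10\.0\.0\.\d{1,3}$; Member, Reviewer"]
SINGLE = {"X-Forwarded-For": "10.0.0.7"}
CHAIN = {"X-Forwarded-For": "10.0.0.7, 203.0.113.9"}  # more than one address

if __name__ == "__main__":
    for label, cfg in (("loose", LOOSE), ("strict", STRICT)):
        print(label, sorted(names_for(SINGLE, cfg)), sorted(names_for(CHAIN, cfg)))
```

With the constructed data, the loose pattern also grants the roles for a header value that carries a second address, while the end-anchored pattern does not. A mapping is only as trustworthy as the header it reads, which a client can set unless the front-end proxy overwrites it.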

Assign groups, not roles

This plugin can be used to assign groups instead of roles if used as a group plugin instead of a role plugin::

    http_header_name; regular expression; group[, group ...] ; TALES

The groups plugin interface is not activated by default.

Caveat

If you have AutoRoleFromHostHeader configured for anonymous users and come from a network matching one of its rules, you will not be able to log in with an account from a higher-up user folder. This is because AutoRole authenticates the Anonymous User which stops the lookup process.

Dependencies

Tested with all Plone versions from 4.0 to 4.3.

Credits

Developed with the support of:

  • Azienda USL Ferrara__

    .. image:: http://www.ausl.fe.it/logo_ausl.gif
       :alt: Azienda USL's logo

  • Regione Emilia Romagna__

All of them support the PloneGov initiative__.

__ http://www.ausl.fe.it/
__ http://www.regione.emilia-romagna.it/
__ http://www.plonegov.it/

Authors

  • This product was developed by RedTurtle Technology team.

    .. image:: http://www.redturtle.it/redturtle_banner.png
       :alt: RedTurtle Technology Site
       :target: http://www.redturtle.it/

  • AutoRoleFromHostHeader is not an original idea; it is based on the work done by the Jarn company for the AutoRole__ plugin.

  • Special thanks to Mauro Amico (mamico) for giving us the main direction.

  • Matthew Wilkes (MatthewWilkes) contributed the conditional expression.

__ http://pypi.python.org/pypi/Products.AutoRole

Changelog

1.0.1 (2021-01-28)

  • Zope 4 compatibility: Replaced broken imports of InitializeClass. [reinhardt]
  • Python 3 compatibility [reinhardt]

1.0.0 (2015-06-05)

  • Dropped Plone 3 compatibility

  • Add TALES field to assignments, allowing users to provide arbitrary conditions [matthewwilkes]

0.4.1 (2014-07-10)

  • Restored MANIFEST file that was destroyed [keul]
  • Run import step profile only when needed [keul]

0.4.0 (Unreleased)

  • Do not fail if the configured header was not found [keul]
  • Dropped support for ancient Plone versions (Python 2.3) [keul]
  • Pyflakes cleanup [keul]
  • Now works also on Plone 4.3 [keul]

0.3.0 (2011-10-17)

  • Fixed compatibility with webserverauth [yurj]
  • Updates tests on Plone 4.1 [keul]

0.2.0 (2010-10-04)

  • Fixed project URL on plone.org [keul]
  • Added plugin icon [keul]
  • Fixed broken tests [keul]
  • Added z3c.autoinclude support [keul]

0.1.0a (2010-03-24)

  • Initial release
