Metadata-Version: 1.0
Name: zope.password
Version: 3.6.1
Summary: Password encoding and checking utilities
Home-page: http://pypi.python.org/pypi/zope.password
Author: Zope Foundation and Contributors
Author-email: zope-dev@zope.org
License: ZPL 2.1
Description: ================
        Password Manager
        ================

        This package provides a password manager mechanism. A password manager
        is a utility object that can encode passwords and check a password
        against its encoded form. Beyond the generic interface, this package
        also provides four implementations:

        * PlainTextPasswordManager - the simplest and least secure
          one. It does not do any password encoding and simply checks password
          by string equality.  It's useful in tests or as a base class for
          more secure implementations.

        * MD5PasswordManager - a password manager that uses the MD5 algorithm
          to encode passwords. It adds salt to the encoded password, but the
          salt is not used for encoding the password itself, so the use of salt
          in it is purely cosmetic. It's generally weak against dictionary
          attacks.

        * SHA1PasswordManager - a password manager that uses the SHA1 algorithm
          to encode passwords. It has the same salt weakness as the
          MD5PasswordManager.

        * SSHAPasswordManager - the most secure password manager that is
          strong against dictionary attacks. It's basically a SHA1-encoding
          password manager which also incorporates a salt into the password
          when encoding it. This password manager is compatible with passwords
          used in LDAP databases.

        It is strongly recommended to use SSHAPasswordManager, as it's the
        most secure of the four.

        The package also provides a script `zpasswd` to generate principal
        entries in typical ``site.zcml`` files.

        Usage
        -----

        It's very easy to use password managers. The
        ``zope.password.interfaces.IPasswordManager`` interface defines only
        two methods::

          def encodePassword(password):
              """Return encoded data for the given password"""

          def checkPassword(encoded_password, password):
              """Return whether the given encoded data coincide with the given password"""

        The implementations mentioned above are in the
        ``zope.password.password`` module.

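        The salt difference between the SHA1 and SSHA managers described
        above, as an added example that is not code from ``zope.password``.
        It assumes the layout ``{SSHA}`` + base64(sha1(password + salt) + salt)
        with the URL-safe alphabet and a 4-byte salt, which is what the sample
        value in the ``zpasswd`` session in this README decodes to; all
        function names are hypothetical.

```python
import base64
import hashlib
import hmac
import os

PREFIX = "{SSHA}"
SHA1_LEN = 20  # bytes in a SHA-1 digest


def ssha_encode(password, salt=None):
    """Return {SSHA} + base64(sha1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    # Assumption: URL-safe alphabet, as the sample value in this README uses.
    return PREFIX + base64.urlsafe_b64encode(digest + salt).decode("ascii")


def ssha_split(encoded):
    """Split an encoded value into (digest, salt); raise ValueError if malformed."""
    if not encoded.startswith(PREFIX):
        raise ValueError("not an SSHA value")
    raw = base64.urlsafe_b64decode(encoded[len(PREFIX):].encode("ascii"))
    if len(raw) <= SHA1_LEN:
        raise ValueError("no salt after the digest")
    return raw[:SHA1_LEN], raw[SHA1_LEN:]


def ssha_check(encoded, password):
    """Recompute the digest with the stored salt and compare in constant time."""
    try:
        digest, salt = ssha_split(encoded)
    except ValueError:  # also covers bad base64 and non-ASCII input
        return False
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def cosmetic_salt_encode(password, salt):
    """Constructed illustration: salt stored beside the hash but never hashed."""
    return salt.hex() + ":" + hashlib.sha1(password.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    # Sample value copied from the zpasswd session in this README.
    digest, salt = ssha_split("{SSHA}Zi_Lsz7Na3bS5rz4Aer-9TbqomXD2f3T")
    print(len(digest), len(salt))
    stored = ssha_encode("s3cret")  # constructed password
    print(ssha_check(stored, "s3cret"), ssha_check(stored, "guess"))
    a = cosmetic_salt_encode("s3cret", b"\x01\x02\x03\x04")
    b = cosmetic_salt_encode("s3cret", b"\xaa\xbb\xcc\xdd")
    print(a.split(":")[1] == b.split(":")[1])  # same hash despite different salts
```

        With the cosmetic salt, every account sharing a password stores the
        same hash, so one precomputed dictionary covers all of them. Salted
        SHA-1 removes that shortcut but is still a single fast hash per guess.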

        Password Manager Names Vocabulary
        ---------------------------------

        The ``zope.password.vocabulary`` module provides a vocabulary of
        registered password manager utility names. It is typically registered
        as an `IVocabularyFactory` utility named "Password Manager Names".

        It's intended to be used with ``zope.component`` and ``zope.schema``,
        so you need to have them installed and the utility registrations need
        to be done properly. The `configure.zcml` file contained in
        ``zope.password`` does the registrations, as does the
        `setUpPasswordManagers` function in the ``zope.password.testing`` module.

        zpasswd script
        --------------

        ``zpasswd`` is a script to generate principal entries in typical
        ``site.zcml`` files.

        You can create a ``zpasswd`` script in your package by adding a
        section like this to your ``buildout.cfg``::

          [zpasswd]
          recipe = z3c.recipe.dev:script
          eggs = zope.password
          module = zope.password.zpasswd
          method = main

        This will generate a script ``zpasswd`` next time you run
        ``buildout``.

        When run, the script will ask you for all parameters needed to create
        a typical principal entry, including the encoded password.

        Use::

          $ bin/zpasswd --help

        to get a list of options.

        Using::

          $ bin/zpasswd -c some/site.zcml

        the script will try to look up any password manager you defined and
        registered in your environment. This lookup is not necessary if you
        go with the standard password managers defined in `zope.password`.

        A typical ``zpasswd`` session::

          $ ./bin/zpasswd

          Please choose an id for the principal.

          Id: foo


          Please choose a title for the principal.

          Title: The Foo


          Please choose a login for the principal.

          Login: foo

          Password manager:

           1. Plain Text
           2. MD5
           3. SHA1
           4. SSHA

          Password Manager Number [4]:
          SSHA password manager selected


          Please provide a password for the principal.

          Password:
          Verify password:

          Please provide an optional description for the principal.

          Description: The main foo

          ============================================
          Principal information for inclusion in ZCML:

            <principal
              id="foo"
              title="The Foo"
              login="foo"
              password="{SSHA}Zi_Lsz7Na3bS5rz4Aer-9TbqomXD2f3T"
              description="The main foo"
              password_manager="SSHA"
              />




        =======
        CHANGES
        =======

        3.6.1 (2010-05-27)
        ------------------

        - The SSHAPasswordManager.checkPassword() would not handle unicode input
          (even if the string would only contain ascii characters). Now, the
          encoded_password input will be encoded to ascii, which is deemed safe as it
          should not contain non-ascii characters anyway.

        3.6.0 (2010-05-07)
        ------------------

        - Removed zope.testing dependency for tests.

        - Updated some copyright headers to comply with repository policy.

        - Added zpasswd script formerly held in zope.app.server. Unlike the
          former zpasswd script, which used "Plain Text" as default password
          manager, now SSHA is used as default.

        3.5.1 (2009-03-14)
        ------------------

        - Make security protection directives in `configure.zcml` execute only
          if ``zope.security`` is installed. This will allow reuse of the
          `configure.zcml` file in environments without ``zope.security``,
          for example with ``repoze.zcml``.

        - Add "Password Manager Names" vocabulary for use with ``zope.schema``
          and ``zope.component``, like it was in ``zope.app.authentication``.
          It's an optional feature so it doesn't add a hard dependency. We use
          the "vocabulary" extra to list dependencies needed for vocabulary
          functionality.

        3.5.0 (2009-03-06)
        ------------------

        First release. This package was split off from ``zope.app.authentication``
        to separate password manager functionality that is greatly re-usable without
        any bit of ``zope.app.authentication`` and to reduce its dependencies.

Keywords: zope authentication password zpasswd
Platform: UNKNOWN
Classifier: Development Status :: 5 - Production/Stable
Classifier: Environment :: Web Environment
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Zope Public License
Classifier: Programming Language :: Python
Classifier: Natural Language :: English
Classifier: Operating System :: OS Independent
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Framework :: Zope3
