Getting started coding for Zope 2

I have a legacy app running Zope 2.10.6 and there are reasons we cannot upgrade to a newer Zope.
There are a few band-aids we need to apply to this legacy app while our replacement app is being written.
In particular I need to write a custom PAS plugin.
I found this thread: How to use Pluggable Auth Service
and from it started looking at the projects located here: Collective · GitHub

Sorry, but I'm not really sure what I'm looking at. How does one get started coding for Zope? Does a ground zero tutorial exist?

did you see these?

I think his question is more about starting with Zope...

@cbas have you looked through this? Documentation — Zope Project and Community documentation

Yes, the first place I go is the Zope documentation. I don't know why I continue going there since it has not once been useful yet.
The chapter on PAS is particularly unhelpful - which is why I'm looking on this forum.

I found reference to an old tutorial:

However, that page does not exist, and the server is not running.

I have found this older documentation, older manuals — Plone Documentation v3.3
But, I would hope that old tutorial still exists somewhere?
Why are Zope/Plone tutorials so blooming hard to find anymore???

It seems that tutorial was moved to here: *

But, it's still missing today. (afaik)

PluggableAuthService is a mini-framework for authentication and authorization. It splits the overall process into tasks, each described by an interface. Read the interfaces in the source to learn which types of tasks are available.

Tasks can be implemented by plugins. Plone comes wiith some plugins. Look at their source and use it a blueprint for your own plugins. If necessary, search for further plugins which are likely near your own use case.

Thank you Dieter. I am already attempting to do what you suggest.
I have looked at 3 different plugins so far and am lost. It is not clear to me what any of that code is doing. It's overwhelming jumping in at that level. I don't have a frame of reference to start at.

Start with the interfaces: they tell you what should happen.

The most important tasks are extraction (collect authentication information from the request), authentication (verify collected information against a user source) and challenge (request for an authentication). Examples are CookieAuthHelper (extraction and challenge) and ZODBUserManager (authentication, user enumeration) -- both from Products.PluggableAuthService.plugins.

1 Like

Plone Foundation Code of Conduct