diff --git a/CHANGES.txt b/CHANGES.txt
index 73fac50..509dd25 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,7 +1,9 @@
CHANGES
=======
-1.7.2 - (unrelease)
+1.8 - (unrelease)
-------------------
+- Switch to modern GenericSetup install
+
- Fix Plone 5 CSRF issues
diff --git a/Products/WebServerAuth/Extensions/Install.py b/Products/WebServerAuth/Extensions/Install.py
deleted file mode 100644
index cbb0868..0000000
--- a/Products/WebServerAuth/Extensions/Install.py
+++ /dev/null
@@ -1,48 +0,0 @@
-from Products.CMFCore.utils import getToolByName
-from Products.PluggableAuthService.interfaces.plugins import IChallengePlugin
-from Products.WebServerAuth.plugin import MultiPlugin, implementedInterfaces
-from Products.WebServerAuth.utils import firstIdOfClass
-
-def install(portal, reinstall=False):
- if not reinstall:
- acl_users = getToolByName(portal, 'acl_users')
-
- # Put a WebServerAuth multiplugin in the acl_users folder, if there isn't one:
- id = firstIdOfClass(acl_users, MultiPlugin)
- if not id:
- id = 'web_server_auth'
- constructors = acl_users.manage_addProduct['WebServerAuth'] # http://wiki.zope.org/zope2/ObjectManager
- constructors.manage_addWebServerAuth(id, title='WebServerAuth Plugin')
-
- # Activate it:
- plugins = acl_users['plugins']
- for interface in implementedInterfaces:
- plugins.activatePlugin(interface, id) # plugins is a PluginRegistry
-
- # Make the Challenge plugin the first in the list:
- for i in range(list(plugins.listPluginIds(IChallengePlugin)).index(id)):
- plugins.movePluginsUp(IChallengePlugin, [id])
-
- # Set up login link:
- user_actions = getToolByName(portal, 'portal_actions')['user']
- user_actions['login']._updateProperty('url_expr', "python:here.acl_users.web_server_auth.loginUrl(request.ACTUAL_URL)")
-
- # Override login_form with a redirect:
- setupTool = getToolByName(portal, 'portal_setup')
- setupTool.runAllImportStepsFromProfile('profile-Products.WebServerAuth:default')
-
-def uninstall(portal, reinstall=False):
- if not reinstall:
- # Delete the multiplugin instance:
- acl_users = getToolByName(portal, 'acl_users')
- id = firstIdOfClass(acl_users, MultiPlugin)
- if id:
- acl_users.manage_delObjects(ids=[id]) # implicitly deactivates
-
- # Revert login link to its stock setting:
- user_actions = getToolByName(portal, 'portal_actions')['user']
- user_actions['login']._updateProperty('url_expr', "string:${portal_url}/login_form")
-
- # Remove login_form redirect:
- setupTool = getToolByName(portal, 'portal_setup')
- setupTool.runAllImportStepsFromProfile('profile-Products.WebServerAuth:uninstall')
diff --git a/Products/WebServerAuth/__init__.py b/Products/WebServerAuth/__init__.py
index ff3e91d..0226d17 100644
--- a/Products/WebServerAuth/__init__.py
+++ b/Products/WebServerAuth/__init__.py
@@ -15,30 +15,6 @@
registerDirectory('skins', globals()) # Without this, portal_skins/webserverauth shows up, but it's empty.
def initialize(context):
- # If we're running under Plone, register the GenericSetup profiles that let us replace login_form:
- try:
- from Products.GenericSetup import EXTENSION, profile_registry
- from Products.CMFPlone.interfaces import IPloneSiteRoot
- except ImportError:
- pass # We're not running under Plone. Let the user use the PAS plugin without all the inapplicable login_form overriding.
- else:
- profile_registry.registerProfile(
- "default",
- "WebServerAuth",
- "Delegates authentication to the web server.",
- "profiles/default",
- product="Products.WebServerAuth",
- profile_type=EXTENSION,
- for_=IPloneSiteRoot)
- profile_registry.registerProfile(
- "uninstall",
- "WebServerAuth Uninstall",
- "Removes the login_form redirection.",
- "profiles/uninstall",
- product="Products.WebServerAuth",
- profile_type=EXTENSION,
- for_=IPloneSiteRoot)
-
context.registerClass(MultiPlugin,
permission=add_user_folders,
constructors=(manage_addWebServerAuthForm,
diff --git a/Products/WebServerAuth/configure.zcml b/Products/WebServerAuth/configure.zcml
new file mode 100644
index 0000000..8bfcad8
--- /dev/null
+++ b/Products/WebServerAuth/configure.zcml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/Products/WebServerAuth/profiles/default/WebServerAuth-install.txt b/Products/WebServerAuth/profiles/default/WebServerAuth-install.txt
new file mode 100644
index 0000000..ed0d26d
--- /dev/null
+++ b/Products/WebServerAuth/profiles/default/WebServerAuth-install.txt
@@ -0,0 +1 @@
+Install WebServerAuth
diff --git a/Products/WebServerAuth/profiles/uninstall/WebServerAuth-uninstall.txt b/Products/WebServerAuth/profiles/uninstall/WebServerAuth-uninstall.txt
new file mode 100644
index 0000000..57088d4
--- /dev/null
+++ b/Products/WebServerAuth/profiles/uninstall/WebServerAuth-uninstall.txt
@@ -0,0 +1 @@
+Uninstall WebServerAuth
diff --git a/Products/WebServerAuth/setuphandlers.py b/Products/WebServerAuth/setuphandlers.py
new file mode 100644
index 0000000..8a998f7
--- /dev/null
+++ b/Products/WebServerAuth/setuphandlers.py
@@ -0,0 +1,65 @@
+"""
+Install WebServerAuth into or uninstall from a given portal.
+"""
+
+from Products.CMFCore.utils import getToolByName
+
+from Products.PluggableAuthService.interfaces.plugins import IChallengePlugin
+
+from Products.WebServerAuth.plugin import MultiPlugin, implementedInterfaces
+from Products.WebServerAuth.utils import firstIdOfClass
+from Products.WebServerAuth import zmi
+
+
+def install(context):
+ """
+ Install WebServerAuth into a given portal.
+ """
+ if context.readDataFile('WebServerAuth-install.txt') is None:
+ return
+ portal = context.getSite()
+
+ acl_users = getToolByName(portal, 'acl_users')
+
+ # Put a WebServerAuth multiplugin in the acl_users folder, if there isn't
+ # one:
+ id = firstIdOfClass(acl_users, MultiPlugin)
+ if not id:
+ id = 'web_server_auth'
+ zmi.manage_addWebServerAuth(
+ acl_users, id, title='WebServerAuth Plugin')
+
+ # Activate it:
+ plugins = acl_users['plugins']
+ for interface in implementedInterfaces:
+ plugins.activatePlugin(interface, id) # plugins is a PluginRegistry
+
+ # Make the Challenge plugin the first in the list:
+ for i in range(list(plugins.listPluginIds(IChallengePlugin)).index(id)):
+ plugins.movePluginsUp(IChallengePlugin, [id])
+
+ # Set up login link:
+ user_actions = getToolByName(portal, 'portal_actions')['user']
+ user_actions['login']._updateProperty(
+ 'url_expr',
+ "python:here.acl_users.web_server_auth.loginUrl(request.ACTUAL_URL)")
+
+
+def uninstall(context):
+ """
+ Uninstall WebServerAuth from a given portal.
+ """
+ if context.readDataFile('WebServerAuth-uninstall.txt') is None:
+ return
+ portal = context.getSite()
+
+ # Delete the multiplugin instance:
+ acl_users = getToolByName(portal, 'acl_users')
+ id = firstIdOfClass(acl_users, MultiPlugin)
+ if id:
+ acl_users.manage_delObjects(ids=[id]) # implicitly deactivates
+
+ # Revert login link to its stock setting:
+ user_actions = getToolByName(portal, 'portal_actions')['user']
+ user_actions['login']._updateProperty(
+ 'url_expr', "string:${portal_url}/login_form")
diff --git a/Products/WebServerAuth/version.txt b/Products/WebServerAuth/version.txt
index 943f9cb..6259340 100644
--- a/Products/WebServerAuth/version.txt
+++ b/Products/WebServerAuth/version.txt
@@ -1 +1 @@
-1.7.1
+1.8