CherryPy Project Download


MultiAuth provides authentication and access control for CherryPy web objects. It is currently in development and is targeted to be compatible with CherryPy 2.1.

MultiAuth provides a few different means of securing your web objects:

  • Decorators
    • Allow granular access control for individual methods
  • Metaclasses
    • Provides an easy way to set base security requirements for all methods in a class
  • Inheritance
    • Pretty much same as metaclasses (it uses them, actually), just different syntax


Other than a demo dictionary authentication provider, LDAP authentication (Active Directory, specifically) is the only implemented authentication provider in this release. I also hope to create providers for other authentication methods (Windows, Unix, etc).

Regarding the LDAP authentication, if someone using another LDAP provider (eDirectory for example) would like to look at the code and write an implementation for that provider, I could include it in this package. I would do it but I don't have access to any other LDAP providers at this time.

Adam Svanberg has written a very flexible database authentication provider for MultiAuth. It utilizes PyDO and can be downloaded from the links at the bottom of this wiki page. The source code includes an usage example.


Installation is simple. Decompress the zip file and run "python install".

The installation puts documentation in "site-packages/multiauth/docs" and a few examples in "site-packages/multiauth/examples".


So you can see what I am talking about without having to download the package, here is a simple example included with the distribution:

import cherrypy

from multiauth import auth
from multiauth.providers import DictAuthProvider

class SimpleSite:
    "Sample multi-level security with decorators"

    def index(self):
        return """
        <a href="protected">Protected method</a><br>
        <a href="open">Open method</a><br>
    def protected(self):
        return "you have accessed the protected page"

    def open(self):
        return "this is the open page"

# create our silly provider
myProvider = DictAuthProvider({})
myProvider.add('christian', 'secret', ['users'])
myProvider.add('admin', 'sshh', ['users', 'supersecret'])

# set it as auth's provider
auth.provider = myProvider

cherrypy.root = SimpleSite()

# session filter needs to be on



Get the latest version at

You can download the PyDOProvider from the link below.


Hosted by WebFaction

Log in as guest/cherrypy to create/edit wiki pages