On 5/20/07, ThomasP <[EMAIL PROTECTED]> wrote: > > The remaining question is: does the MemberMgmt recipe work with UserAuth2? > From what I read I don't think so. > > In case MemberMgmt reads/writes directly from/to Site.AuthUser, it > obviously does not work together. Could you in the MemberMgmt recipe > branch the operations depending on the authentication module running, and > I will provide appropriate hooks in UserAuth2 to be called by MemberMgmt?
Actually no, MemberMgmt authenticates against passwords stored in Profiles pages (either encrypted or encoded) and then uses authuser's AuthUserId( ) function to set the authid variable. Then it extracts any user group memberships from Memberships pages and sets those using authuser's SessionAuth( ). So MemberMgmt really is it's own authentication system--that rests on AuthUser to handle things like permissions and stuff after ZAP log's them in. If I can make this work with UserAuth, I'd be more than happy to. Just let me know what you have in mind. Cheers, Dan PS. I didn't reply to your long post describing the features of UserAuth(2) but I wanted to say I was very impressed. I did not really understand what it did before, and I definitely appreciate it's philosophy. FWIW, ZAP has been steaily moving that direction in terms of how it manages it's security, and I think even Pm will start moving that direction from hints of how he will set up the commenting system target controls. I personally have found centralizing control to a few pages, rather than spreading it out across the wiki is much easier. Coincidentally, the new wiki engine I'm working on will work VERY much like UserAuth in terms of security, user & group mgmt, permissions, etc. Very enlightening to read your post. Thanks for the good work you are doing with UserAuth! Cheers, Dan _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
