This discussion shows Pylons needs some kind of flexible but standard system of authentication & authorization. It has also been clear from the past several months that AuthKit provides *a* unified solution for both issues, but it has not gained sufficient acceptance from the Pylons community to be *the* standard.
Given that there's no consensus on which of the existing implementations to bless, and the fact that some authorization schemes are so complex they need custom code, I think it would be in the Pylons tradition to define a minimum spec for authentication and another for authorization, and then let the package authors figure out how to fulfill them and to interoperate with each other; i.e., the WSGI of auth. I've started a wiki page for this in the Pylons Projects space: http://wiki.pylonshq.com/display/pylonsprojects/Authentication+and+Authorization+Central -- Mike Orr <[EMAIL PROTECTED]> --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
