On Wed, Oct 15, 2008 at 4:30 PM, Mike Orr <[EMAIL PROTECTED]> wrote:
>
> On Wed, Oct 15, 2008 at 3:29 PM, Mike Orr <[EMAIL PROTECTED]> wrote:
>> On Wed, Oct 15, 2008 at 3:22 PM, MilesTogoe <[EMAIL PROTECTED]> wrote:
>>>
>>> Mike Orr wrote:
>>>> On Wed, Oct 15, 2008 at 11:03 AM, Steven <[EMAIL PROTECTED]> wrote:
>>>>
>>>>> I'm a newbie trying to get a grasp on what options I have for
>>>>> Authentication and Authorization. From reading the docs and the
>>>>> pylonsbook.com I've found 2 options so far:
>>>>>
>>>>> repoze.who (ported from Zope)
>>>>> AuthKit (work in progress?)
>>>>>
>>>>> Are there others?
>>>>>
>>>> paste.auth, but that's almost a build-your-own framework.
>>>>
>>>> Building your own is popular. I have a login form and a two-mode
>>>> authentication that uses LDAP or a database depending on the
>>>> username's syntax. I have several classes called Permsets
>>>> ("permission sets") with boolean attributes to describe what
>>>> permissions a type of user has.
>>>>
>>>> Then I have a require_perm() function that takes the expected
>>>> permission name and arguments, and aborts 403 if forbidden. My base
>>>> controller has a .__before__ that does authentication, and controllers
>>>> can have a class attribute describing the most lenient permission
>>>> common to all the actions. Then individual actions can do more
>>>> restrictive tests; e.g., can the user view or edit a particular
>>>> database record?
>>>>
>>>> A companion function has_perm() tells whether something is allowed,
>>>> which tells me whether to generate links to restricted pages.
>>>>
>>>> If you want to use Basic Authentication rather than a login form, you
>>>> have to look up the proper HTML statuses and headers to trigger it.
>>>> That's where repoze.who and AuthKit come in especially handy because
>>>> they do all that for you.
>>>>
>>>>
>>> wondering how this is read between pages - it seems like wsgi middleware
>>> has a lot to offer here but aside from packages such as beaker, haven't
>>> seen much write up on it. If you haven't already, this would make a
>>> good "pylons cookbook" recipe since it's one of those core functions
>>> that most have to do.
>>
>> I haven't used either system so somebody else would have to do this.
>
> Oh, you mean my system? Yeah, I can do this, but I've got a deadline
> this week so it won't be till later.
>
That will be great. I haven't used AuthKit, but from the comments on
this list it seems complex to work with, to put it simply.
As for repoze.who, it's great and I like it a lot, but sometimes it feels
like overkill.
> --
> Mike Orr <[EMAIL PROTECTED]>
>
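The Permset / require_perm() / has_perm() design described in the quoted message above, sketched as an added example that is not code from the thread or from Mike Orr. The permission names, the user and record dictionaries, the `Forbidden` exception (standing in for Pylons' 403 abort) and the `dispatch()` helper are assumptions made for illustration.

```python
class Forbidden(Exception):
    """Hypothetical stand-in for aborting the request with HTTP 403."""

class Permset:
    """Boolean attributes describe what one type of user may do (default deny)."""
    view_records = False
    edit_records = False
    edit_own_only = False   # when True, edits are limited to the user's own records

class AnonymousPerms(Permset):
    pass

class StaffPerms(Permset):
    view_records = edit_records = edit_own_only = True

class AdminPerms(Permset):
    view_records = edit_records = True

def has_perm(user, perm, record=None):
    """Return True only if the user's permset grants perm (and the record rule passes)."""
    permset = user["permset"] if user else AnonymousPerms()
    # Unknown or malformed permission names fail closed; only a literal True grants.
    if not isinstance(perm, str) or getattr(permset, perm, False) is not True:
        return False
    if perm == "edit_records" and record is not None and permset.edit_own_only:
        return record["owner"] == user["name"]
    return True

def require_perm(user, perm, record=None):
    """Abort (here: raise Forbidden) when has_perm() says no."""
    if not has_perm(user, perm, record):
        raise Forbidden(perm)

class BaseController:
    required_perm = None    # most lenient permission common to all actions
    def __init__(self, user):
        self.user = user
    def __before__(self):
        # Runs before every action; a controller that declares nothing is denied.
        require_perm(self.user, self.required_perm)

class RecordController(BaseController):
    required_perm = "view_records"
    def edit(self, record, title):
        require_perm(self.user, "edit_records", record)  # stricter per-record test
        record["title"] = title
        return record

def dispatch(controller, action, *args):
    """Hypothetical dispatcher: call __before__, then the action."""
    controller.__before__()
    return getattr(controller, action)(*args)
```

The same has_perm() call that guards an action can decide whether a template renders the link to it, so the page and the server-side check cannot drift apart.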