2008/11/25 Dalius Dobravolskas <[EMAIL PROTECTED]>: > > Hello, > > On Tue, Nov 25, 2008 at 1:47 PM, Gustavo Narea > <[EMAIL PROTECTED]> wrote: >>> You can add multiple middlewares. The problem is when middlewares or >>> plugins conflict with each other (e.g. because of lack of options). >>> repoze.who does not help to solve this problem. >> >> Can you please provide one example in which that problem is present in >> repoze.who? Just one. > E.g. similar patches or similarly named cookies while they should be > different. I have accidentally named my AuthKit cookie and beaker > session the same name once and have had time until I have understood > where is problem. I have not checked that but I doubt that there is > any mechanism preventing user from doing such simple mistakes in > repoze.who. Or am I wrong? >
I don't use the config file and always write my repoze.who middleware in python. I also find that the configuration is not user friendly because you need more lines in your config file than in python code. By the way, you can set the repoze.who cookie name to wathever you want. >> In all honesty, I don't like that approach of loading middleware just to add >> authentication methods. > And instead you do the *same* just in slightly different way. > repoze.who specifies in config which plugins to load. AuthKit > specifies in config which middlewares to load. I offer to specify in > code which middlewares to load. Technically I can write AuthKit-like > middleware that allows to do the same as AuthKit (but I don't see > value in that). As I have already written repoze.who adds another > level of complication (components) to WSGI. > The only complication is that you must say "hey, my class is an authentifier". Is it really complicated ? >> repoze.who's approach is elegant because it has broken >> up the various components involved in authentication (the so-called >> identifiers, authenticators, challengers and metadata providers) so that they >> can all work _harmoniously_, controlled by repoze.who itself. That's why >> repoze.who scales up and scales down. > It looks like you are the person who understands something here. Could > you explain to me why this division into components is good? Why is it > not enough WSGI for this task? > I've write an url based authentification plugin with 20 lines of code. I can do this with a pure WSGI middleware but repoze.who do a lot of things for me. For me, it's the only good reason ;) -- Gael --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
