On Nov 28, 12:13 am, "Dalius Dobravolskas"
<[EMAIL PROTECTED]> wrote:
> Hello, Gustavo,
>
> > On the other hand, because REMOTE_USER (which isn't set by r.who) is not
> > always enough and also some of the future features will rely on
> > future/existing repoze.who plugins, for example:
>
> I agree with that. Even more REMOTE_USER is not enough to distinguish
> between different authentication methods when multiple methods are
> used.
Does that mean you ignore AUTH_TYPE variable passed in from Apache
where Apache module performs the authentication?
Graham
> Because of that I offer to do following in r.who:
> Set REMOTE_USER as username. Usually all authentication systems
> provides one or another form of username.
> Set x-wsgiorg.user_data with data dict (e.g. certificate details,
> OpenID SREG data and etc.). Name was proposed by Ian Bicking.
>
> This way r.who and r.what will be compatible with other authentication
> and authorization solutions.
>
> --
> Daliushttp://blog.sandbox.lt
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~----------~----~----~----~------~----~------~--~---