On Mon, Jun 7, 2010 at 1:47 PM, Gustavo Narea <[email protected]> wrote: > Hello, Mike. > > I agree it's not a common situation, but I think some things are > simpler than they seem; for example, if you have two metadata plugins > (e.g., SQL and LDAP), they both would be used regardless of the > successful authentication method. > > If I got it all right, you'd need at least 5 repoze.who plugins: > 1 identifier, the one that handles the login form. > 1 LDAP authenticator. > 1 SQL authenticator. > 1 LDAP metadata provider. > 1 SQL metadata provider.
So that would require two LDAP queries or two SQL queries for every login? That brings up another issue I forgot. The LDAP plugin seems to assume a long-running connection that will never be broken, and has no provision to reconnect. (The constructor takes a connection rather than a factory.) I don't know if LDAP is as likely to close idle connections as MySQL is, but our server does go down occasionally. In my app, I connect to LDAP separately for each login attempt. I suppose that might increase the latency, but it does mean I don't have to worry about reconnecting. It should probably start with a long-lived connection but reconnect gracefully. -- Mike Orr <[email protected]> -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
