> This is the way to go, but isn't Josh doing it already? I did not check the Pylons template. The linked wiki page Josh is following http://wiki.pylonshq.com/display/pylonscookbook/Authorization+with+repoze.what sets Session = None.
Originally I thought Josh was accidentally using a different, but valid, Session and transaction for his application code than the one that fetched the user. SQLAlchemy doesn't like that and it is inefficient. Instead, the entire request should use the same Session for example by placing repoze.tm2 in front of repoze.who.plugins.sa in the WSGI stack. Paraphrased: try: app(environ, start_response) Session.commit() except: Session.rollback() raise finally: Session.remove() -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
