On Mon, Sep 26, 2011 at 1:36 PM, Benjamin Sims <[email protected]>wrote:
> That is, a way to check that a user is not authenticated in order to > restrict access to a login form? Restricting access is done via Pyramid's use of ACLs (mapping a user's principals to permissions). This means that you need a way to map a principal X to permission 'not_logged_in'. Principal X could be pyramid.security.Everyone, but obviously that also includes Authenticated users. If you are using one of Pyramid's default authn policies with a callback, it's not going to be possible to build that restriction into the list of principals and you would have to do it through a custom authorization policy. However, it's very easy to implement your own authentication policy and modify the effective_principals(request) function to do exactly what you want. The link below shows how to build a custom authentication policy. https://docs.pylonsproject.org/projects/pyramid_cookbook/dev/authentication.html#custom-authentication-policy -- Michael -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
