Hi, I answered your question on SO. I just thought I'd chime in here that I wasn't kidding.. there really isn't a solid reason why it's required. If you really feel strongly about this open an issue on the tracker but I'd consider it bike shedding. Again, be aware that there is *zero* performance penalty for just defining the ACLAuthorizationPolicy in your app if you only ever use the authentication policy functionality within Pyramid, so just define it and move on. :-)
On Tue, Jun 19, 2012 at 8:57 AM, Georges Dubus <[email protected]> wrote: > Hi, > > This was a question on stackoverflow a few days ago that wasn't really > answered[1] : > > Why are both authentication and authorization policies required ? Having an > authentication policy without any authorization makes sense in many > application (first example in mind : some kind of basic chat). Is there a > design decision behind this ? > > [1] > http://stackoverflow.com/questions/10989985/pyramid-why-cant-i-use-an-authentication-policy-without-an-authorization-polic > > Thanks, > Georges > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/pylons-discuss/-/8vJBY4j5to0J. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/pylons-discuss?hl=en. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
