I know.  This is getting tedious for me too.  But another alpha release 
(hopefully the last) is now in the http://dist.repoze.org/bfg/current index .  
broke down and made ZCML directives for all the "authentication policy" and 
"authorization policy" implementations included in BFG; as a result, the 
"authentication_policy" and "authorization_policy" arguments to 
repoze.bfg.router.make_app are deprecated.  A resource bug was also fixed.

1.0a8 (2009-07-01)

- Deprecate the ``authentication_policy`` and ``authorization_policy``
   arguments to ``repoze.bfg.router.make_app``.  Instead, developers
   should use the various authentication policy ZCML directives
   ``remoteuserauthenticationpolicy`` and
   ``authtktauthenticationpolicy``) and the `aclauthorizationpolicy``
   authorization policy directive as described in the changes to the
   "Security" narrative documenation chapter and the wiki tutorials.

- Add three new ZCML directives which configure authentication

   - ``repozewho1authenticationpolicy``

   - ``remoteuserauthenticationpolicy``

   - ``authtktauthenticationpolicy``

- Add a new ZCML directive which configures an ACL authorization
   policy named ``aclauthorizationpolicy``.

- Bug fix: when a ``repoze.bfg.resource.PackageOverrides`` class was
   instantiated, and the package it was overriding already had a
   ``__loader__`` attribute, it would fail at startup time, even if the
   ``__loader__`` attribute was another PackageOverrides instance.  We
   now replace any ``__loader__`` that is also a PackageOverrides
   instance.  Symptom: ``ConfigurationExecutionError: <type
   'exceptions.TypeError'>: Package <module 'karl.views' from
   already has a __loader__ (probably a module in a zipped egg)``.
Repoze-dev mailing list

Reply via email to