On 4/24/10 2:56 PM, Iain Duncan wrote: > Hi folks, I'm wondering if it's possible to change configurator settings > after the constructor has fired and a zcml file has been parsed. > Specifically I'd like to be able to use my regular zcml file but then > turn off the authentication and authorization policy, something like > this ( which didn't work ): > > configurator.load_zcml( zcml_file) > configurator.authorization_policy = None
There's no API for this particular operation. You'll have to read the source of repoze.bfg.configuration.Configurator and undo what the ZCML directive does "by hand" as a ZCA operation. This might work (it's untested): from repoze.bfg.interfaces import IAuthenticationPolicy from repoze.bfg.interfaces import IAuthorizationPolicy configurator.registry.unregisterUtility(IAuthenticationPolicy) configurator.registry.unregisterUtility(IAuthorizationPolicy) But this isn't guaranteed to work between releases and will almost certainly break at some point. It's probably better to just make three ZCML files: one with your non-authentication policy registrations, one with your authentication policy registrations, and one that includes both of the other files. Then in production use the one that includes both of the other files, but in this other mode, use the ZCML file that contains everything except the authentication policy statements. Even better, just leave the authentication policy registrations out of ZCML altogether and always pass the authentication and authorization policies to the Configurator constructor instead: config = Configurator(authentication_policy=..., authorization_policy=...) See <http://docs.repoze.org/bfg/1.2/narr/security.html#enabling-an-authorization-policy-imperatively> and <http://docs.repoze.org/bfg/1.2/api/configuration.html#repoze.bfg.configuration.Configurator> - C _______________________________________________ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev
