Re: [Repoze-dev] How to handle failed logins?

Hi Timmy! Timmy Chan wrote: > my current workflow for FriendlyFormPlugin is > > user goes to page, needs permission, gets 401 > repoze.who sends it to login_form_url > user inputs data > user gets sends to post_login_url, gets 401 > gets sent to login_form_url again > > is this a good method?

Re: [Repoze-dev] FriendlyForm login count not incrementing on failed login

Thanks Gustavo. The version of FriendlyForm I'm using, 1.0.4, does not implement IAuthenticator. I get the following error: ValueError: form: An object has failed to implement interface The authenticate attribute was not provided. With form in only identifiers and challengers,

[Repoze-dev] [issue114] Documentation error

Tres Seaver added the comment: The 1.0 version of the repoze.who docs now have that URL here: http://docs.repoze.org/who/1.0/narr.html#middleware-configuration-via-config-file For 2.0, see here: http://docs.repoze.org/who/2.0/configuration.html#configuring-repoze-who-via-config-file

[Repoze-dev] [issue100] Configurable character set support for repoze.who and repoze.what

Tres Seaver added the comment: The only "correct" way to decode values in the payload of an HTTP POST request is to use the charset supplied in the Content-Type header of that request, or fall back to ISO-8859-1. RFC 2616, section 3.7.1, says: When no explicit charset parameter is provided b

[Repoze-dev] [issue114] Documentation error

Tres Seaver added the comment: Thanks very much for the report! Fixed on the trunk in r9049. Fixed on the 1.0 branch in 9050. -- status: chatting -> resolved __ Repoze Bugs __ _

[Repoze-dev] [issue41] INITools for zc.buildout-style config files

Tres Seaver added the comment: Looks interesting. I'm not sure I'd want to document how to use the feature, though. ;) -- priority: feature -> wish status: unread -> chatting __ Repoze Bugs _

[Repoze-dev] [issue63] Mention all the known repoze.who plugin implementations

Tres Seaver added the comment: Done on the trunk in r9051. -- assignedto: Gustavo -> tseaver nosy: +tseaver priority: feature -> wish status: unread -> resolved __ Repoze Bugs __ _

[Repoze-dev] [issue111] repoze.who.plugins.ldap enhancements

Tres Seaver added the comment: That plugin tracks its bugs in Launchpad: https://bugs.launchpad.net/repoze.who.plugins.ldap -- status: unread -> chatting __ Repoze Bugs __ _

[Repoze-dev] [issue87] auth_tkt: Cookies will always expire when the user agent is closed

Tres Seaver added the comment: repoze.who 1.0.14 added 'timeout' and 'reissue_time' parameters to the auth_tkt: does that resolve this issue? __ Repoze Bugs __

[Repoze-dev] [issue41] INITools for zc.buildout-style config files

Tres Seaver added the comment: That code now lives at BitBucket: http://bitbucket.org/ianb/initools/ __ Repoze Bugs __ ___ Repoze-dev mailing list Rep

[Repoze-dev] INewRequest subscriber DBSession question

Hi folks, I noticed that in the new version of the BFGAlchemy sample app, the transaction manager is used to clear out the session after the transaction is done. I'm wondering whether there is anything wrong with cleaning the session by call Session.remove() in the INewRequest subscriber directly (

[Repoze-dev] wrapped views for routes?

Is there any chance of having wrapped views work on views declared with ? ( IE declare a wrapper predicate on a route in zcml ) Seems like it would be handy to be able to do so. thanks Iain ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://