At 11:22 AM 1/22/2006 -0500, Jim Fulton wrote:
Typically, web servers provide access logs that include a label
for the authenticated user.
Often, WSGI applications (or middleware) provide their own user
authentication facilities. Well, Zope does. :)
There doesn't seem to be a standard way for
Phillip J. Eby wrote:
At 11:22 AM 1/22/2006 -0500, Jim Fulton wrote:
Typically, web servers provide access logs that include a label
for the authenticated user.
Often, WSGI applications (or middleware) provide their own user
authentication facilities. Well, Zope does. :)
There doesn't
Who is working on deployment tools for WSGI? I'm aware of Paste Deploy.
Are there any other efforts underway?
Jim
--
Jim Fulton mailto:[EMAIL PROTECTED] Python Powered!
CTO (540) 361-1714http://www.python.org
Zope Corporation
[Jim Fulton]
Is Zope the only WSGI application that performs authentication
itself?
[Phillip J. Eby]
I think Zope is the only WSGI application that cares about
communicating this information back to the web server's logs. :)
[Jim Fulton]
I hope that's not true. Certainly, if anyone else
Phillip J. Eby wrote:
At 05:45 PM 1/22/2006 +, Alan Kennedy wrote:
I agree about not sending this information back to the user: it's
unnecessary and potentially dangerous.
Yep, it would be really dangerous to let me know who I just logged in to an
application as. I might find out
[Alan Kennedy]
I agree about not sending this information back to the user: it's
unnecessary and potentially dangerous.
[Phillip J. Eby]
Yep, it would be really dangerous to let me know who I just logged in to
an application as. I might find out who I really am! ;)
Very droll ;-)
What if
Ian Bicking wrote:
Jim Fulton wrote:
Typically, web servers provide access logs that include a label
for the authenticated user.
Often, WSGI applications (or middleware) provide their own user
authentication facilities. Well, Zope does. :)
There doesn't seem to be a standard way for