Re: [ZODB-Dev] ZEO Authentication
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 26 May 2006, at 05:46, David Pratt wrote: I am curious how folks are handling authentication for ZEO in a general way (client against the server). Is is common to attempt to use user/passwords from acl in zope as a means of creating a lists for authenticating against a ZEO server? Or is it more typical to manage a separate list of user/passwords just for the purpose of authenticating the client server connection? I'd like to hear what sort of things are being done to handle this generally. Many thanks. I don't know anyone who uses authenticated ZEO connections, does it even work? IMHO most people are in a situation where the traffic between the ZEO clients and the ZEO server runs on an internal network, so it simply doesn't matter. Or small setups where the communication is on one and the same machine. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFEdseGRAx5nvEhZLIRApfTAJ9MjasVk9UHp1yvlBP2BNPQl6GXKACeIpIC Yx5XIHtQzPX9+xQzbL71zh0= =G8RQ -END PGP SIGNATURE- ___ For more information about ZODB, see the ZODB Wiki: http://www.zope.org/Wikis/ZODB/ ZODB-Dev mailing list - ZODB-Dev@zope.org http://mail.zope.org/mailman/listinfo/zodb-dev
Re: [ZODB-Dev] ZEO Authentication
Hi Jens, this is available in ZEO and looks to me that the original idea was to support more than a single mode of authentication. I was curious of those using it to see how it was generally being used (or whether others have worked out something against other authentication schemes). Many thanks. Regards, David Jens Vagelpohl wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 26 May 2006, at 05:46, David Pratt wrote: I am curious how folks are handling authentication for ZEO in a general way (client against the server). Is is common to attempt to use user/passwords from acl in zope as a means of creating a lists for authenticating against a ZEO server? Or is it more typical to manage a separate list of user/passwords just for the purpose of authenticating the client server connection? I'd like to hear what sort of things are being done to handle this generally. Many thanks. I don't know anyone who uses authenticated ZEO connections, does it even work? IMHO most people are in a situation where the traffic between the ZEO clients and the ZEO server runs on an internal network, so it simply doesn't matter. Or small setups where the communication is on one and the same machine. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFEdseGRAx5nvEhZLIRApfTAJ9MjasVk9UHp1yvlBP2BNPQl6GXKACeIpIC Yx5XIHtQzPX9+xQzbL71zh0= =G8RQ -END PGP SIGNATURE- ___ For more information about ZODB, see the ZODB Wiki: http://www.zope.org/Wikis/ZODB/ ZODB-Dev mailing list - ZODB-Dev@zope.org http://mail.zope.org/mailman/listinfo/zodb-dev ___ For more information about ZODB, see the ZODB Wiki: http://www.zope.org/Wikis/ZODB/ ZODB-Dev mailing list - ZODB-Dev@zope.org http://mail.zope.org/mailman/listinfo/zodb-dev
[ZODB-Dev] Re: Getting an up to date instance of a persistent object
Pascal Peregrina wrote: Hi, I have a question regarding what triggers the reloading of an object state from ZODB (in order to set the most up to date one). (note that I use ZEO) Say you have C1, a Connection, and you have already retrieved object O1 (so O1 is in C1 cache). Then, O1 is modified by something (that uses a different Connection). When you reuse C1 and access O1, I would like to know what makes sure the O1 state is up to date. Let's say C2 modified the same object. At C2 commit time, tpc_finish calls self._db.invalidate of all objects that C2 modified. Through a series of callbacks (involving ZEO also if used), this notifies all other connections through their invalidate() method that this object is invalidated. C1.invalidate() records that fact, and at C1 commit time there will be a conflict error if O1 is modified while also flagged invalidated by another connection. Florent Apparently, accessing O1._p_serial before anything else returns the old serial (so the latest state has not been set). I also tried C1.sync() (through O1._p_jar) before accessing O1._p_serial but I got same result. And apparently, accessing O1._p_mitme before anything else does return the latest mtime and then accessing O1._p_serial does return the latest serial (so the latest state has been set) Is that right? What's the rule? Thanks for your help. Pascal ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ** ___ For more information about ZODB, see the ZODB Wiki: http://www.zope.org/Wikis/ZODB/ ZODB-Dev mailing list - ZODB-Dev@zope.org http://mail.zope.org/mailman/listinfo/zodb-dev -- Florent Guillaume, Nuxeo (Paris, France) Director of RD +33 1 40 33 71 59 http://nuxeo.com [EMAIL PROTECTED] ___ For more information about ZODB, see the ZODB Wiki: http://www.zope.org/Wikis/ZODB/ ZODB-Dev mailing list - ZODB-Dev@zope.org http://mail.zope.org/mailman/listinfo/zodb-dev
Re: [ZODB-Dev] ZEO Authentication
--On 26. Mai 2006 16:47:41 +0100 Jens Vagelpohl [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 26 May 2006, at 16:43, Benji York wrote: Andreas Jung wrote: You could use a firewall to allow incoming ZEO connection only from authorized IP address...should not be more than some lines of iptables configuration or so. Similarly, you can use a VPN. -- You can use a VLAN, too. Or a monkey to control each ZEO packet :-) -aj -- ZOPYX Ltd. Co. KG - Charlottenstr. 37/1 - 72070 Tübingen - Germany Web: www.zopyx.com - Email: [EMAIL PROTECTED] - Phone +49 - 7071 - 793376 E-Publishing, Python, Zope Plone development, Consulting pgpn1goZldfev.pgp Description: PGP signature ___ For more information about ZODB, see the ZODB Wiki: http://www.zope.org/Wikis/ZODB/ ZODB-Dev mailing list - ZODB-Dev@zope.org http://mail.zope.org/mailman/listinfo/zodb-dev
Re: [ZODB-Dev] Resource Managers not getting collected?
On Thu, May 25, 2006 at 02:41:32AM -0300, Sidnei da Silva wrote: | Anyone experienced this? Any clues about what to do to get more | information? /me still expecting Dieter Maurer's I've fixed this in my private copy of Zope by doing X, Y, Z :) -- Sidnei da Silva Enfold Systemshttp://enfoldsystems.com Fax +1 832 201 8856 Office +1 713 942 2377 Ext 214 ___ For more information about ZODB, see the ZODB Wiki: http://www.zope.org/Wikis/ZODB/ ZODB-Dev mailing list - ZODB-Dev@zope.org http://mail.zope.org/mailman/listinfo/zodb-dev
Re: [ZODB-Dev] ZEO Authentication
Well, you might need a few monkeys for sure :-) I guess it is safe to say, that the authentication built into ZEO is not used extensively. You never know until you ask. I guess if it were, it might depend on the use case you have for ZEO more than anything. Many thanks. Regards David You can use a VLAN, too. Or a monkey to control each ZEO packet :-) -aj ___ For more information about ZODB, see the ZODB Wiki: http://www.zope.org/Wikis/ZODB/ ZODB-Dev mailing list - ZODB-Dev@zope.org http://mail.zope.org/mailman/listinfo/zodb-dev ___ For more information about ZODB, see the ZODB Wiki: http://www.zope.org/Wikis/ZODB/ ZODB-Dev mailing list - ZODB-Dev@zope.org http://mail.zope.org/mailman/listinfo/zodb-dev
Re: [ZODB-Dev] AssertionError on multithread ZEO app
Please stay on the mailing list -- readded. Pedro Werneck wrote at 2006-5-25 21:33 -0300: ... You see modifications only after crossing a transaction boundary. In the same transaction, you see only the modification made by this transaction (not by others, even committed). OK... so, how can I get the changes made by the threads ? Everything here is very inconsistent and I still trying to figure what's wrong. You use at least ZODB 3.2 and ensure transaction boundaries, e.g. by calling transaction.commit() or transaction.abort(). ... Yes, I'm using PersistentList, but in fact, I never do small changes on it. Everytime I do some change, I have to clear the whole list and add new data. Is there a better structure for this ? If you do this, then (of course) you need to write the complete list. If this lets your storage grow too fast, then probably the ZODB is not the right storage medium for you -- or you dig up the BDB storage. It is still somewhere in the SVN/CVS reporitories. -- Dieter ___ For more information about ZODB, see the ZODB Wiki: http://www.zope.org/Wikis/ZODB/ ZODB-Dev mailing list - ZODB-Dev@zope.org http://mail.zope.org/mailman/listinfo/zodb-dev
