I've been playing with making an extraction/authentication plugin that takes a cryptographically signed cookie (shared secret and a SHA hash, for the curious) from an external script, with username and expiry derived from the cookie. Basically, I'm trusting the external script has authenticated the user in the cookie up until the expiry time ticks over. That part works.
What I'm missing is the ability to manage groups and roles with ZODB managers of each. If I hit the assignments link for either I have no available users. Since I can't actually enumerate my users in the scenario I'm looking at, am I looking at patching/subclassing both managers to accept arbitrary principal IDs? Or is there a better way? _______________________________________________ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
