On Fri, 2007-14-12 at 12:15 +0100, Alberto Valverde wrote: > > - I need to use some form of very good and extensible > > authorization/identity system, what is the status on that? Is it > > straight forward to use authkit with TG2 right now? I'm currently using > > just a little bit of TG1 identity. Do we know what the recommended > > identity system will be > > I've used Authkit in various apps for authentication and I really like it. > For authorization I've used a library of mine > (http://svn.toscat.net/TPS/trunk) though I don't recommend it since its > not documented (and will probably never be). However, authorization using > authkit can be as easy as implementing your own checks (inside the > controller or in a hand-rolled decorator) and throwing a 401 or 403 (with > abort()) when you want to deny access. AuthKit will trap any 401s and will > present the user with a login form, redirect to a url or whatever > authentication mechanism you've configured. > > There are pretty decent AuthKit docs in Pylons' wiki.
There certainly does seem to be good momentum behind Authkit. Would it be practical to put a TG1 like API over authkit? It seems to me that that would be the best long-term solution, even if it meant identity was not ready for the first TG2 beta release. I am very enthused about the the TG1 api over pylons internals concepts, and IMHO, it would be a shame if authorization did not extend this connection. Iain --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears-trunk?hl=en -~----------~----~----~----~------~----~------~--~---
