On Fri, Feb 22, 2008 at 4:33 PM, Devin Torres <[EMAIL PROTECTED]> wrote:
> > On Friday 22 February 2008 15:58:04 Kevin Horn wrote: > > On Fri, Feb 22, 2008 at 11:10 AM, Devin Torres <[EMAIL PROTECTED]> > > > > wrote: > > > I can't believe we're having this discussion on this mailing list. Use > > > AuthKit. If you're having problems understanding it contact me and > > > I'll try to help you, but we don't need to be reimplementing the wheel > > > here. Pylons has already chosen the best of breed packages for you, if > > > you have a problem with one of them then improve it.You said "it needs > > > a bit of continuing love to make it into all it could be." Well? Give > > > it that bit of continuing love! > > > > > > I just don't understand why we're trying to replace Pylons. We chose > > > it, now build on top of it and improve it. > > > > > > -Devin > > > > Personally, my problem with AuthKit was not that it was hard to > understand, > > but that: > > 1) It couldn't do some things I wanted to do > > 2) It would have been more work to retrofit those features than to "roll > my > > own"...and the result would not have looked anything like AuthKit. > > > > So I decided to create a library that would handle what I wanted. When > the > > topic came up on the TG-trunk mailing list, I mentioned my thoughts, > people > > seemed interested, and so now I'm working on something that _may_ become > > the default for TG2. > > > > AuthKit may be the "best of breed", but for me, it isn't good enough. I > > don't mean it's bad, just that it isn't what I want in an auth > framework. > > > > Of course, even if it does, nothing stops people from using AuthKit if > it > > meets their needs. It should be as simple as some config file changes > and > > changing a line or two in middleware.py > > > > Kevin Horn > > > > > Well let me know what these features are that everyone wants. > > I'm also not sure how TG1.x accomplished authentication (wasn't it just > forward authentication?), so if anyone could enlighten me on how TG1.x > authentication was performed I could probably provide a counter-example. > > -Devin > > The particular itch I wanted to scratch was having users with (in TG1 terminology) multiple groups and multiple permissions (or in authkit terminology, multiple groups and multiple roles). AuthKit specifically disallows a user from having more than one group. I suppose I could have hacked around this (maybe used roles for both groups _and_ permissions), but it seemed more trouble than it was worth. I also like to assign permissions to my groups, and then have the users belong to them. This might be possible with AuthKit, but I couldn't find any info on it (that was a while ago though). Also, AuthKit does not (AFAIK) have an analogue to the TG1 Identity "Any" condition, which is not often strictly necessary, but is really handy to have. There are a number of other "features" that have been mentioned on the TG and Pylons mailing lists that people would like to have, many of which AuthKit can do (as can Identity), but some of which cannot be done (or cannot easily be done) by either. It would also be pretty difficult (IMO) to give TG1 users an easy upgrade path when/if they decide to port their applications to TG2 if we used AuthKit. AuthKit is very flexible, but I think I/We can create something even _more_ flexible, and still make it easier to use for the average TG/Pylons user (many of which are new to Python web development). As for how TG1 handled authentication, it was more like AuthKit's "form and cookie" than its "forward", though the line is kinda blurry since Identity really was part of the application (sort of), rather than a wrapper. Kevin Horn --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears-trunk?hl=en -~----------~----~----~----~------~----~------~--~---
