perhaps I am not phrasing it correctly.
I need to protect the root controller and all subcontrollers.
What method in Turbogears 2.0 will allow me to do that?
Currently, I must use @require(predicates.has_permission('manage',
msg=_('Only for managers'))) for each page in the Root Controller and
then set allow_only = in_group('manage') in the subcontrollers.
What method will allow me to use:
allow_only = in_group('manage')
in the RootController to protect my entire application?
Where might this be documented?
On Feb 18, 11:13 am, Gustavo Narea <[email protected]> wrote:
> On Wednesday February 18, 2009 16:55:20 cd34 wrote:
>
> > I need to protect an entire application behind a username/password
> > prompt.
>
> > What middleware do I use?
>
> repoze.who is all the middleware you need, the question is what repoze.who
> challenger and the answer is: You can use *any* repoze.who challenger (e.g.,
> BasicAuthPlugin, FormPlugin, RedirectingFormPlugin).
>
> The only thing to keep in mind is that if you want to use a
> RedirectingFormPlugin-based challenger, your application-wide access rule must
> always grant access to authentication-related URLs.
> --
> Gustavo Narea <http://gustavonarea.net/>.
>
> Get rid of unethical constraints! Get freedomware:http://www.getgnulinux.org/
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears Trunk" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/turbogears-trunk?hl=en
-~----------~----~----~----~------~----~------~--~---
