You just need to adjust the way login forms are done so that the login is done by the repoze.who middleware, not forwarded back to your protected conroller.
For example you could use a basic auth plugin, that never renders a page, or you could use another form plugin that does not redirect to your protected tg controller. If you don't want to do either of those things, and your want your login form in your main app, and you want everything protected (there's no public section of the site) then yea, you'll have to protect all the resources seprately. But there are other options. They may not be documented that well yet, but we're still in beta, give us a chance here ;) On Wed, Feb 18, 2009 at 12:29 PM, cd34 <[email protected]> wrote: > > perhaps I am not phrasing it correctly. > > I need to protect the root controller and all subcontrollers. > > What method in Turbogears 2.0 will allow me to do that? > > Currently, I must use @require(predicates.has_permission('manage', > msg=_('Only for managers'))) for each page in the Root Controller and > then set allow_only = in_group('manage') in the subcontrollers. > > What method will allow me to use: > > allow_only = in_group('manage') > > in the RootController to protect my entire application? > > Where might this be documented? > > On Feb 18, 11:13 am, Gustavo Narea <[email protected]> wrote: >> On Wednesday February 18, 2009 16:55:20 cd34 wrote: >> >> > I need to protect an entire application behind a username/password >> > prompt. >> >> > What middleware do I use? >> >> repoze.who is all the middleware you need, the question is what repoze.who >> challenger and the answer is: You can use *any* repoze.who challenger (e.g., >> BasicAuthPlugin, FormPlugin, RedirectingFormPlugin). >> >> The only thing to keep in mind is that if you want to use a >> RedirectingFormPlugin-based challenger, your application-wide access rule >> must >> always grant access to authentication-related URLs. >> -- >> Gustavo Narea <http://gustavonarea.net/>. >> >> Get rid of unethical constraints! Get freedomware:http://www.getgnulinux.org/ > > > -- Mark Ramm-Christensen email: mark at compoundthinking dot com blog: www.compoundthinking.com/blog --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/turbogears-trunk?hl=en -~----------~----~----~----~------~----~------~--~---
