On 10/4/05, Lethalman <[EMAIL PROTECTED]> wrote: > > This AuthMD5 is only a basic-auth authentication, the real MD5 comes > with digest auth where the client encrypt its data in MD5 too... > > However i check for cherrypy and it got multiple models for it but i > think they're not as good as mine is because: > 1) MultiAuth is external
What do you mean by "external"? As far as I know, it's a CherryPy auth/auth scheme, so that's not really external. We'd want to augment anything that comes from outside to work better with TurboGears, but as long as the license is compatible anything out there is fair game. > 2) I found another auth model that uses files, and i think that using > authentication in a OO mode is better TurboGears authentication must be able to work with an SQLObject database, in addition to any other means. There should be a good out-of-the-box experience for people using all of the TurboGears parts. > 3) Did i mismatch what AuthenAutorize means in > http://www.turbogears.com/community/projects.html? Maybe it means > "extend already existing authentication/authorization"... For any project, the goal is the same: * easy-to-use and handles the common needs in a very simple way * well-integrated use of the TurboGears parts * flexible enough to handle relatively common more complex needs * leveraging as much pre-existing, already tested code as possible * writing new code to cover the integration and any needs that are simply not met by code that already exists. Ideally, the 4th point also means using whole packages so that we can track changes made in the project it came from. Authentication and authorization have been done many times before, even a few times for CherryPy specifically. It seems like a very likely candidate for gathering ideas and code from other places. This is not to say that we won't use your auth module, or some of the ideas you came up with... My point is that *a lot* of work has been done in webapps to this point, and TurboGears is not a "Not Invented Here" (http://en.wikipedia.org/wiki/Not_Invented_Here) sort of project. > However take care of the opera fix please :) Committed in r27. Thanks! Kevin
