Okay, found it. I was trying to skip ahead and build the identity
checking into the decorator I'd already built, eg:
def auth(roles):
"""Limits decorated function to use only by given list of roles"""
def decorator(func):
for role in roles:
if role in identity.current.groups:
break
else:
raise identity.GroupMembershipRequiredException(roles)
return func
return decorator
As soon as I removed the identity.current.groups and used the built
in decorator, my project started up normally. Now, I was just being
foolish -- I need to derive from identity.SecureResource to use
identity.current.groups -- but the fact this raised an
IdentityManagementNotEnabledException was a little misleading.
--Ryan
