A short time ago, the TG community decided that passwords should be automatically encrypted when set on a TG_User instance. This made the TG_User object dependent upon the current provider. If there is no current provider, then the TG_User object can not encrypt its password.

Some might suggest that TG automatically create a default provider, but I have encountered considerable resistance when enabling any Identity related functionality by default. Therefore, it's all turned off by default -- including the provider.

Unfortunately, TG_User can't just check for a null provider and store unencrypted passwords, because those records then won't work if the provider is expecting encrypted passwords.

Additionally, Heikichi Umahara's patch (Ticket #635) isn't viable because it moves the encryption functionality out of the provider and thereby prevents having multiple providers with different encryption schemes (Note: Ticket #206 would be precluded by this patch).

On the other hand, because TG_User is a specific component of the SqlObjectIdentityProvider and isn't intended to be used by any other provider, it might be possible to couple these more tightly. However, this still wouldn't be a solution because the provider wouldn't know what encryption algorithm to use if it can't find the config file.

These are all reasons why I don't think having the password automatically encrypted was a good idea. Before automatic encryption, you had one more step you had to remember if you were using encrypted passwords and nothing to worry about if you weren't. After automatic encryption, you now have to erect a large chunk of the TG infrastructure just to create a new user.

On 6 Mar, 2006, at 6:00 am, Drew Whitehouse wrote:
--
Jeff Watkins

"Computers are like Old Testament gods; lots of rules and no mercy."
-- Joseph Campbell
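
The coupling described in the message above, as an added sketch that is not TurboGears code and not part of the original post. `HashingProvider`, `User`, `current_provider` and `demo` are hypothetical names, and a bare SHA-2 digest stands in for whatever scheme the provider is configured with.

```python
import hashlib
import hmac

class HashingProvider:
    """Hypothetical stand-in for an identity provider configured with one scheme."""
    def __init__(self, algorithm):
        self.algorithm = algorithm  # assumption: read from the config file in practice

    def encrypt_password(self, cleartext):
        # A bare digest keeps the sketch short; it stands in for the provider's scheme.
        return hashlib.new(self.algorithm, cleartext.encode("utf-8")).hexdigest()

    def validate_password(self, user, cleartext):
        return hmac.compare_digest(user.stored_password, self.encrypt_password(cleartext))

current_provider = None  # "all turned off by default -- including the provider"

class User:
    """Hypothetical model whose password setter hashes through the current provider."""
    def __init__(self, name, allow_plaintext_fallback=False):
        self.name = name
        self.stored_password = None
        self.allow_plaintext_fallback = allow_plaintext_fallback

    def set_password(self, cleartext):
        if current_provider is not None:
            self.stored_password = current_provider.encrypt_password(cleartext)
        elif self.allow_plaintext_fallback:
            self.stored_password = cleartext  # the null-provider fallback the message rejects
        else:
            raise RuntimeError("no identity provider: cannot hash password")

def demo():
    """Walk through the failure modes from the message; sample values are constructed."""
    global current_provider
    results = {}
    current_provider = None
    try:
        User("alice").set_password("s3cret")
        results["no_provider"] = "stored"
    except RuntimeError:
        results["no_provider"] = "error"
    legacy = User("bob", allow_plaintext_fallback=True)
    legacy.set_password("s3cret")  # written as cleartext while no provider exists
    current_provider = HashingProvider("sha256")
    results["fallback_record_validates"] = current_provider.validate_password(legacy, "s3cret")
    carol = User("carol")
    carol.set_password("s3cret")  # hashed by the sha256 provider
    results["hashed_record_validates"] = current_provider.validate_password(carol, "s3cret")
    current_provider = HashingProvider("sha512")  # a provider with a different scheme
    results["other_scheme_validates"] = current_provider.validate_password(carol, "s3cret")
    return results
```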

