I think that SqlObjectIdentityProvider should code a password. Because model layer had better not own dependence in the other layer.
I think automatic coding to have been necessary to use TG_User in CatWork, but had better add User Management Tool to ToolBox? On 2006/03/06, at 23:17, Jeff Watkins wrote: > A short time ago, the TG community decided that passwords should be > automatically encrypted when set on a TG_User instance. This made > the TG_User object dependent upon the current provider. If there is > no current provider, then the TG_User object can not encrypt its > password. > > Some might suggest that TG automatically create a default provider, > but I have encountered considerable resistance when enabling any > Identity related functionality by default. Therefore, it's all > turned off by default -- including the provider. > > Unfortunately, TG_User can't just check for a null provider and > store unencrypted passwords, because those records then won't work > if the provider is expecting encrypted passwords. Additionally, > Heikichi Umahara's patch (Ticket #635) isn't viable because it > moves the encryption functionality out of the provider and thereby > prevents having multiple providers with different encryption > schemes (Note: Ticket #206 would be precluded by this patch). > > On the other hand, because TG_User is a specific component of the > SqlObjectIdentityProvider and isn't intended to be used by any > other provider, it might be possible to couple these more tightly. > However, this still wouldn't be a solution because the provider > wouldn't know what encryption algorithm to use if it can't find the > config file. > > These are all reasons why I don't think having the password > automatically encrypted was a good idea. Before automatic > encryption, you had one more step you had to remember if you were > using encrypted passwords and nothing to worry about if you > weren't. After automatic encryption, you now have to erect a large > chunk of the TG infrastructure just to create a new user. > > > On 6 Mar, 2006, at 6:00 am, Drew Whitehouse wrote: > >> Yes I see that line in the debug, and I can make users from >> catwalk or >> the web shell. The key is to do it from "tg-admin shell" run in your >> projects directory or from a simple python program that has imported >> your model.py. > > -- > Jeff Watkins > http://newburyportion.com/ > > "Computers are like Old Testament gods; lots of rules and no mercy." > -- Joseph Campbell > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears -~----------~----~----~----~------~----~------~--~---
