On Thu, Mar 3, 2011 at 5:37 PM, Diez B. Roggisch <[email protected]> wrote: > On Thursday, March 03, 2011 04:42:30 pm Christian Schanz wrote: >> Hello, >> >> I am new to turbogears but was able to start an application without >> problems. >> >> Now I want to use two different forms of authentification: >> >> /api/* should use basic http authentification >> /web/* should use the standard authentification (login/logout) >> >> At the moment I am using basic authentification for everything by using >> >> from repoze.who.plugins.basicauth import BasicAuthPlugin >> base_config.sa_auth.form_plugin = BasicAuthPlugin() >> >> in app_cfg.py >> >> Do I have to split the application? > > No, repoze.who is certainly capable of that. But I don't know how exactly - I > always get lost in the classifier, challenger identifier and > meta-data-provider > thingies.
The identifiers, authenticators and challengers options of the repoze middleware should be a list of pluggable pieces that should be checked one after the other for being able to identify/authenticate the user. Registering both the auth tkt and basic auth identifiers should provide authentication for both. I don't know it is possible to do that basing on the url, but you can surely enable both for the entire application. -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/turbogears?hl=en.
