But from what I understand, the session logic in globals.py and main.py pretty much depends on cookies in the client for finding out what session to reconnect to on subsequent requests after the very first request (which creates the session record). But a windows client will not know what a cookie is... So I believe we need to change that web2py core code to handle this cookieless session reconnect scenario.
On Saturday, November 17, 2012 10:41:24 PM UTC-6, Dave wrote: > > Jim, > > If your windows users are logging in via active directory you could just > make your web2py app authenticate through ldap to AD. That would ensure AD > is your source of truth fo user authentication and management. > > Just a thought. > > On Thursday, November 15, 2012 12:32:03 PM UTC-5, Jim S wrote: >> >> Sounds like there is no easy way to do it. I looked through that code >> and it seems pretty involved. I was hoping to do this without needing the >> web2py libs and such. >> >> -Jim >> >> On Thursday, November 15, 2012 11:14:09 AM UTC-6, Niphlod wrote: >>> >>> https://github.com/web2py/web2py/blob/master/gluon/tools.py#L1776 >>> that basically calls the validators attached by default to a password >>> field >>> https://github.com/web2py/web2py/blob/master/gluon/tools.py#L1479 >>> i.e. you just have to import the validator CRYPT and check with that >>> passing the correct parameters >>> https://github.com/web2py/web2py/blob/master/gluon/validators.py#L2659 >>> >>> PS: CRYPT was easier to follow before the introduction of the pdfbk2 >>> algo, but it's quite straightforward if you are willing to cut off >>> backward-compatibility >>> (that required lazycrypt >>> https://github.com/web2py/web2py/blob/master/gluon/validators.py#L2581) >>> >>> --
