OK, so what are people doing for WebWare sites that require Authentication/Authorisation?
The most common solution is quite simple. When a page requires login, you give them a login form (you might check it in awake()). You get the username and password through plain form fields, check them, and if it works you put the username (or user object) into the session.
It's not very featureful, but it's very flexible. (And working just a bit with Zope user authentication, I can tell you that I much, much prefer the Webware compromise of featureless-but-flexible)
I'm just starting on a Web app that will reuire a pretty flexible authorization scheme -- what people see at any given URL could be quite different depending on who they are.
I am unimpressed by generalized authorization schemes. I think ad hoc schemes work better. Which, again, is all Webware give you ;)
So you have to build authorization and selective displays into your application by hand. Which really isn't that hard -- IMHO, no harder than fitting your requirements into a preexisting scheme.
Is there anything useful in UserKit to build on?
Eh, I'm not too psyched with UserKit myself. Very few people are using it.
I have some stuff that's a bit more recent (from last PyCon, I think) in Sandbox/ianbicking/Component -- the component examples are all for user management.
Has Chuck Esterbrook abandoned us?
He's quiet, but not gone. He seems to be doing some MiddleKit stuff recently.
Ian
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Webware-discuss mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/webware-discuss
