I like the idea of adding cookie auth to the API. The user product choices are convoluted and I think the community would benefit from adding standard capability to the core.
Adding to that... my priority would be to extend acl_users folder to allow for built-in storage of additional user properties beyond username/password. Yes, there are user products that do this to a point, but an API that allows you to simply do it in ZODB would be ideal. Maybe someone more familiar could determine a "best of" integration that addresses acl_users folder extensibility and security to add this to Z2.6. -Trevor > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf > Of Dario Lopez-Kästen > Sent: Tuesday, March 05, 2002 3:09 PM > To: [EMAIL PROTECTED] > Subject: [Zope-dev] Cookie Crumbler and similar products (Re: Zope 2.6 > project updated) > > > From: "Matt Behrens" <[EMAIL PROTECTED]> > > Christian Theune wrote: > > > > > Well I saw the cookie crumbler wish has been added to the > list already, > > > and (as i tested it out this moment) don't see what exactly needs to > > > be done than adding it by default to the root userfolder. > > > Well, probably some facelifting to the default login, thats not > > > urgent in any way but if wished i would do that. > > > > Well, as far as "least-intrusive", CC loses some points by not being > > compatible with some of the user folders that do their own cookie auth, > > although that's arguably not CC's fault. > > > > Which makes me think of another point. I haven't used Zope 2.5.1 > yet, but I > understand from some of the traffic on the mailinglists that some have > wanted to disable the session tracking/session management beause it > interferes with the solutions they allready use for session tracking. > > And now there is a possible inclusion of another product (CC) that might > conflict with other products' cookie functionality. > > Instead of locking up users with a particular implementation of a solution > to a general problem, why not present an API for a) session management and > b) cookie management, and then present default products that use > these API's > to provide solutions? This way it will not be hard to replace both session > management and cookie management with other products. > > Any one else think that this might be a worthwhile idea? If so, I > can offer > time and effort and my limited knowledge of zope to make this possible. > > /dario > > > > _______________________________________________ > Zope-Dev maillist - [EMAIL PROTECTED] > http://lists.zope.org/mailman/listinfo/zope-dev > ** No cross posts or HTML encoding! ** > (Related lists - > http://lists.zope.org/mailman/listinfo/zope-announce > http://lists.zope.org/mailman/listinfo/zope ) _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )