Dario Lopez-KÃsten wrote:
Tres Seaver wrote:

I recently reworked Anthony Baxter's SQLSessions product for a consulting customer


What I would like to do is revisit the effort, using the new PluginRegistry code released as part of the PluggableAuthService release; I am, however, pretty well booked up for the next few weeks. I would be glad to advise anybody who felt called to take on such an effort, however.


I actually need this whithin the next couple of weeks - only one caveat: I'd have to do a serious read-up on sessioning, which I don't understand at all and the PluggableAuthService product, which I never heard of until I read about it.

It wouldn't necessarily require PAS, merely the PluginRegistry which was released with it. The reason for this requirement is that a "SQLSessionNG" product needs to have a set of plugins, which will typically be customized on a per-site basis to fit whatever backend RDBMS schema is in use. Perhaps we should call the product "PluggableSessions", as there isn't any particular requirement that the backend be SQL based.

We have something similar to SQL-Sessions. However, our security machinery is built on top of Zopes own (in parallell not replacing it). It is loosely modelled around a mix of Zope's way of doing things with a hint of XUF (we couldn't use XUF at the time, because it wasn't stable enough back then).

One of the goals wiht the current rewrite of one of our apps is to go back doing things the Zope-way, by using Zope's own security mechanisms. We have working solutions for authentication, but the sessioning part remains - especically since we, like in Steve's setup expire sessions on the server rather than on the browser end.

PAS does have a SessionAuthHelper which stashes credentials in the session; you could probably wrap up your current authentication solution as an IAuthenticationPlugin plugin for it.

So... any hints on where to begin reading for the completely-lost newbie?

Tres. -- =============================================================== Tres Seaver [EMAIL PROTECTED] Zope Corporation "Zope Dealers" http://www.zope.com

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope )

Reply via email to