Hi Jan 

> Betreff: [Zope-dev] z3c.password and tracking failed login attempts
> Hi,
> A while ago I asked some questions and made some suggestions 
> for improving how to track failed login attempts in 
> z3c.password. Most likely these suggestions got buried in now 
> a out-of-sight thread and were never noticed.
> My suggestion was that making a request for for example a 
> resource could still trigger the account locked errors, where 
> in my opinion only the login attempts themselves should do that.
> I created a branch of z3c.password..: 
> http://svn.zope.org/z3c.password/branches/jw-noraise-for-irrel
> ..that will check for request relevancy as early as possible. 
> All tests pass without modification, but with this change 
> after an account has been locked out requests for for example 
> resources will still work. Additionally I think the code is a 
> tad more readible now. I added a test to demonstrate the 
> specific behaviour.
> Would any of the z3c.password users/developers object to 
> having this branch merged to the trunk?

Adam is on holiday this week. I'm sure he will take a look
at the branch next monday.

Roger Ineichen

> regards, jw 

Zope-Dev maillist  -  Zope-Dev@zope.org
**  No cross posts or HTML encoding!  **
(Related lists - 
 https://mail.zope.org/mailman/listinfo/zope )

Reply via email to