Op 17 nov 2011, om 20:57 heeft Tres Seaver het volgende geschreven: Hello,
> > > On 11/17/2011 02:05 PM, Laurence Rowe wrote: >> On 17 November 2011 15:23, Martin Aspeli <optilude+li...@gmail.com> >> wrote: >>> On 17 November 2011 14:46, Laurence Rowe <l...@lrowe.co.uk> wrote: > > <snip> > >>>> - Move authentication out to WSGI middleware. >>> >>> +1 - anything we can do to make AccessControl simpler and more >>> debuggable would be a big win. > > > Note that there is a counter-trend here among the Pyramid crew: many > developers *want* tight integration of authentication, particularly the > login forms. > And there is a major issue with this is that for the moment your authentication depends from where you are in your Zope 2 application. Maybe in some part of the application the authentication will be done using LDAP, and not in some other: you can have a acl_users only for some part of the application, and users there are available locally and not globally. That is because the authentication is done after the traversing. If you want to do this in a WSGI middleware, you will have to do the traversing in a WSGI middleware before, otherwise lot of people won't be able to migrate theirs applications to Zope 4, because the paradigm changed. I don't think this is a good idea because of that. Regards, Sylvain, -- Sylvain Viollon -- Infrae t +31 10 243 7051 -- http://infrae.com Hoevestraat 10 3033GC Rotterdam -- The Netherlands _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
