Op 17 nov 2011, om 20:57 heeft Tres Seaver het volgende geschreven:


> On 11/17/2011 02:05 PM, Laurence Rowe wrote:
>> On 17 November 2011 15:23, Martin Aspeli <optilude+li...@gmail.com>
>> wrote:
>>> On 17 November 2011 14:46, Laurence Rowe <l...@lrowe.co.uk> wrote:
> <snip>
>>>> - Move authentication out to WSGI middleware.
>>> +1 - anything we can do to make AccessControl simpler and more 
>>> debuggable would be a big win.
> Note that there is a counter-trend here among the Pyramid crew:  many
> developers *want* tight integration of authentication, particularly the
> login forms.

   And there is a major issue with this is that for the moment your 
authentication depends from where you are in your Zope 2 application. Maybe in 
some part of the application the authentication will be done using LDAP, and 
not in some other: you can have a acl_users only for some part of the 
application, and users there are available locally and not globally. That is 
because the authentication is done after the traversing. If you want to do this 
in a WSGI middleware, you will have to do the traversing in a WSGI middleware 
before, otherwise lot of people won't be able to migrate theirs applications to 
Zope 4, because the paradigm changed.

   I don't think this is a good idea because of that.



Sylvain Viollon -- Infrae
t +31 10 243 7051 -- http://infrae.com
Hoevestraat 10 3033GC Rotterdam -- The Netherlands

Zope-Dev maillist  -  Zope-Dev@zope.org
**  No cross posts or HTML encoding!  **
(Related lists - 
 https://mail.zope.org/mailman/listinfo/zope )

Reply via email to