On 11/22/2011 11:13 AM, Sylvain Viollon wrote: > Op 17 nov 2011, om 20:57 heeft Tres Seaver het volgende geschreven: >> Note that there is a counter-trend here among the Pyramid crew: many >> developers *want* tight integration of authentication, particularly the >> login forms.
I'm not sure I fully agree with that observation. I think the trend is that trying to do the UI part of authentication in middleware turned out to be a mistake and people are moving away from that. But everything else does not need tighter integration. > And there is a major issue with this is that for the moment your > authentication depends from where you are in your Zope 2 application. Maybe > in some part of the application the authentication will be done using LDAP, > and not in some other: you can have a acl_users only for some part of the > application, and users there are available locally and not globally. That is > because the authentication is done after the traversing. If you want to do > this in a WSGI middleware, you will have to do the traversing in a WSGI > middleware before, otherwise lot of people won't be able to migrate theirs > applications to Zope 4, because the paradigm changed. Realistically though: how often is that used? Is that enough to warrant the extra complexity? WIchert. _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )