On 11/22/2011 11:13 AM, Sylvain Viollon wrote:
> Op 17 nov 2011, om 20:57 heeft Tres Seaver het volgende geschreven:
>> Note that there is a counter-trend here among the Pyramid crew:  many
>> developers *want* tight integration of authentication, particularly the
>> login forms.

I'm not sure I fully agree with that observation. I think the trend is 
that trying to do the UI part of authentication in middleware turned out 
to be a mistake and people are moving away from that. But everything 
else does not need tighter integration.
>     And there is a major issue with this is that for the moment your 
> authentication depends from where you are in your Zope 2 application. Maybe 
> in some part of the application the authentication will be done using LDAP, 
> and not in some other: you can have a acl_users only for some part of the 
> application, and users there are available locally and not globally. That is 
> because the authentication is done after the traversing. If you want to do 
> this in a WSGI middleware, you will have to do the traversing in a WSGI 
> middleware before, otherwise lot of people won't be able to migrate theirs 
> applications to Zope 4, because the paradigm changed.

Realistically though: how often is that used? Is that enough to warrant 
the extra complexity?


Zope-Dev maillist  -  Zope-Dev@zope.org
**  No cross posts or HTML encoding!  **
(Related lists - 
 https://mail.zope.org/mailman/listinfo/zope )

Reply via email to