On Mon, Nov 14, 2005 at 12:54:50PM +0100, Dario Lopez-Kästen wrote:
| Sidnei da Silva wrote:
| >On Mon, Nov 14, 2005 at 11:12:31AM +0800, Tom Hallam wrote:
| >| I infer from the above that the replacement of both user folders is a
| >| design decision. The implication of this is that if you have multiple
| >| sites on the same Zope install all instances have to be PAS regardless
| >| of what your actual authentication needs are :-( . I should be able to
| >| keep a simple acl_users folder in the zope root if I'm happy with
| >| limitations given above. The install program should not force this.
| >Not sure what to say. Your requirement is weird to say the
| >least. We've decided for the path of less confusion.
| >99% of the Plone (or 'CookieCrumbler', as this affects any user of
| >cookie-based authentication) users would expect to be able to log in
| >with a user from a user folder in the root, which *is*
| >backwards-compatible behavior. What you want is not
| >backwards-compatible behaviour IMHO, so my opinion is that you will
| >have to fix that yourself if you want that policy to be supported.
| err... that requirement is not at all wierd, and I am not sure that you
| are talking about different things...
| Does this mean, that in any Zope ZODB where I have such a Plone
| instance, the Plone instance imposes it's acl_users on the ROOT of the
| Zope install?
No, PlonePAS migrates the acl_users on the 'first found above' to be a
compatible PAS acl_users setup, with existing users migrated, only if
it's a standard 'User Folder'.
| Or is it that if I use PAS, *all* user folders at any
| level in the ZODB have to be PAS in that particular ZODB, regardless of
| at which level I use a PAS acl_users?
No, that's not the case.
Sidnei da Silva
Enfold Systems, LLC.
Zope-PAS mailing list