-----BEGIN PGP SIGNED MESSAGE-----
Wichert Akkerman wrote:
> Previously Tres Seaver wrote:
>>We aren't "enforcing" anything: the plugin can't fulfill its own
>>contract (in this case, to return a list of (id, title) tuples) if the
>>user has screwed up by configuring the other plugins that way.
> If multiple principals share have the same id you will still fulfill the
> contract; the only difference is that with this patch you will see the
> title from the first one and ignore titles from the others. This is ok
> since we still show all ids.
> For some background: I needed this patch to be able to use groups from
> an active directory environment in a site. That gave me two groups
> called 'Administrators': the standard Zope one and the one that comes
> in via active directory.
Within a single PAS, it is an error to have two principals with the same
ID; otherwise you will end up granting permissions inappropriately. If
you have plugins which are generating identical IDs, then you need to
have one or both of them use prefixes (that is what they are for).
BTW, there is no "standard" Administrators group in Zope (Zope proper
doesn't know about groups at all).
Tres Seaver +1 202-558-7113 [EMAIL PROTECTED]
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Zope-PAS mailing list