On Thu, 19 Apr 2007 08:33:16 -0400, Sidnei da Silva <[EMAIL PROTECTED]> wrote:

On 4/19/07, Wichert Akkerman <[EMAIL PROTECTED]> wrote:
But you can get that even with PAS if you change the challenger in your
site PAS. For example if I configure my site to only allow OpenID logins
you can no longer use the emergency user since no challenger will result
in username&password style credentials.

Correct. In the case of PlonePAS, we are just making the default,
out-of-the-box config be not broken instead of being broken by

looking at this further, there really doesn't seem to be any good way to allow the root to be a non pas, and allow the plone default authentication (form based) to work with users in the root, without replacing the root. the way pas monkey patches the response during traversal, basically asserts only the inner most user folder gets a chance to challenge. apologies to the integrators, there really isn't a workaround for this outside of reworking pas's challenge mechanism or the challenge plugins to allow delegation up the chain, the means of which isn't apparent to me.


Zope-PAS mailing list

Reply via email to