On 22.09.2007, at 09:57, Yuan HOng wrote:
Hi,I have written a custom authenticator in my application to authenticate a login against a PostgreSQL database. In the site I have configured a PAU with a session credentials plugin and my custom authenticator plugin. I found out that with configuration, EVERY browser request is triggering my custom authenticator, which means a query of the database. I'd rather expect only the first login will send a database request, and before one logs out, subsequent requests will no longer be authenticated.
exactly, that's the default behavior. and it needs to be that way.in case the credentials are beeing changed or privileges are beeing revoked there are several use cases where you can't cache.
Does the PAU have a mechanism to cache the authentication before the user is logged out? Otherwise the authentication would be a highly inefficient process.
you need to implement caching on your own... just do something like: from zope.app.cache.ram import RAMCache authCache = RAMCache()key = {'user': credentials['login'].encode('utf-8'), 'pass': credentials['password'].encode('utf-8')}
result = authCache.query(self, key=key) if result is None: # perform database lookup authCache.set(result, self, key=key) return result jodok
Thanks, -- Hong Yuan 大管家网上建材超市 装修装潢建材一站式购物 http://www.homemaster.cn _______________________________________________ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
-- "Special cases aren't special enough to break the rules." -- The Zen of Python, by Tim Peters Jodok Batlogg, Lovely Systems Schmelzhütterstraße 26a, 6850 Dornbirn, Austria phone: +43 5572 908060, fax: +43 5572 908060-77
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users