This is cool. I wish I'd had the chance to review it so far so I might be able to roll some of the changes into CST. Sorry Joseph. :-( ----- Original Message ----- From: "Joseph Wayne Norton" <norton@alum.mit.edu> To: "Joachim Schmitz" <js@aixtraware.de> Cc: <zope-dev@zope.org> Sent: Wednesday, November 07, 2001 9:41 AM Subject: Re: [Zope-dev] struggeling with a sessionbased LoginMethod
Joachim -
I can't help you with LoginManager, but I did build a customized version of the acl_users folder that is tightly integrated with core session tracking. You might want to consider using it or simply to duplicate the same behavior. Please see the e-mail below.
regards,
- joe n
At Mon, 29 Oct 2001 15:35:03 +0900, norton wrote:
I have updated the tarball for CoreSessionUserFolder product
(version
0.0.3) on the zope.org website. You can access the tarball from my home page at:
http://www.zope.org/Members/natsukashi/index.html
I have changed the implementation slightly and refined the usage model. The basic idea is that an anonymous session object is automatically converted into a zope user object given some trigger criteria. After conversion to a zope user object, the anonymous web user is granted access via zope's security machinery to some protected resource (like index_html). The session user/object will then be automatically deleted unless the session's life is extended by another trigger criteria. By using CookieCrumbler in conjunction with CoreSessionUserFolder, all of the login/logout mechanisms are nicely hidden from the anonymous user.
I have also included a small demo *.zexp (install/README.txt) that can be used out-of-the-box once all of the necessary patches (patches.README.txt) have been applied. It requires zope 2.4.*, CST 0.0.9, and the cookie crumbler product.
I have labeled it a prototype simply because it has not been reviewed yet outside of our organization. Unless there are any troubles, this product will be in production usage tomorrow. You can access the website (a fortune telling site) given the following url:
http://www.unkei.com/unkei/menu.html
A CoreSessionUserFolder backs each of the content menus and implements a pay-per-view service where a credit card purchase acts as the session extending trigger. Unfortunately, the content is only in Japanese and a payment using a major credit card is required to view the content.
Obviously, any feedback good or bad are appreciated.
- joe n.
_______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )