Well. (This answer could also be posted a bit up the thread) I think we see that Cookie Crumbler may not be the solution to what i originally itended - the availability of cookie based authentication in the standard userfolder. Due to its problems, it seems as if it would be best, to extend the first userfolder again (currently a userfolder on the api has no idea about different authentication methods at all, or am i wrong?) but this would break the api - which changed in 2.5 afairk already - again, which i do not desire just for the sake of proper logout of management interface / cookie logins ... but i still believe it would be good to be there. Greetings Christian On Tue, Mar 05, 2002 at 03:31:50PM -0500, Trevor Toenjes wrote:
I like the idea of adding cookie auth to the API. The user product choices are convoluted and I think the community would benefit from adding standard capability to the core.
Adding to that... my priority would be to extend acl_users folder to allow for built-in storage of additional user properties beyond username/password. Yes, there are user products that do this to a point, but an API that allows you to simply do it in ZODB would be ideal.
Maybe someone more familiar could determine a "best of" integration that addresses acl_users folder extensibility and security to add this to Z2.6.
-Trevor
-- Christian Theune - ct@gocept.com gocept gmbh & co.kg - schalaunische strasse 6 - 06366 koethen/anhalt tel.+49 3496 3099112 - fax.+49 3496 3099118 mob. - 0178 48 33 981 reduce(lambda x,y:x+y,[chr(ord(x)^42) for x in 'zS^BED\nX_FOY\x0b'])