PAS-1.4-final Released
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Announcement I'm pleased to announce that the final 1.4 version of the Zope PluggableAuthenticationService product is now available at: http://www.zope.org/Products/PluggableAuthService/PluggableAuthService-1.4 What is this thing? The PluggableAuthenticationService (PAS) is a mini-framework for extensible and configurable authentication, and authorization of users within Zope. What's New? This release includes a fix for Janko Hauser's issue #46, as well as some documentation cleanups. The major new feature in the 1.4 line is a new "Configured PAS" ZMI add list entry, which uses GenericSetup to create pre-configured user folders. Where do I learn more? - Please see CHANGES.txt for a complete change history. - Please report bugs to the PAS collector: http://www.zope.org/Collectors/PAS - The PAS mailing list, 'zope-pas@zope.org', is where the developers and users of PAS hang out. Tres. - -- =================================================================== Tres Seaver +1 202-558-7113 tseaver@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE87yG+gerLs4ltQ4RAl3KAKCeZjHanR9v4YwNO8N0nklZfwARdQCeLMMX nr8erticHHK4ocUU82bNI6M= =QZCN -----END PGP SIGNATURE-----
--On 29. August 2006 00:03:18 -0400 Tres Seaver <tseaver@palladion.com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Announcement
I'm pleased to announce that the final 1.4 version of the Zope PluggableAuthenticationService product is now available at:
*me loud thinking*: wouldn't it make sense to integrate PAS into the Zope 2 core and make it the new default mechanism for authentication replacing the old crappy UserFolder stuff? Andreas
Andreas Jung wrote:
...
I'm pleased to announce that the final 1.4 version of the Zope PluggableAuthenticationService product is now available at:
*me loud thinking*: wouldn't it make sense to integrate PAS into the Zope 2 core and make it the new default mechanism for authentication replacing the old crappy UserFolder stuff?
Would be nice - otoh, its still very rough - its actually not understandable how to plug which elements together to achieve a given goal. There is some documentation text about the general usage in the archive but if you dont have something online I'd expect a lot of people getting really confused and locking them out theirself. So unless you read what to do at the ZMI level, I'm a bit -1 for default integration. Tino
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tino Wildenhain wrote:
Andreas Jung wrote: ...
*me loud thinking*: wouldn't it make sense to integrate PAS into the Zope 2 core and make it the new default mechanism for authentication replacing the old crappy UserFolder stuff?
Would be nice - otoh, its still very rough - its actually not understandable how to plug which elements together to achieve a given goal. There is some documentation text about the general usage in the archive but if you dont have something online I'd expect a lot of people getting really confused and locking them out theirself. So unless you read what to do at the ZMI level, I'm a bit -1 for default integration.
I would certainly agree that the product to date has been rough, and that it is pretty easy to create "lockout" situations (although I haven't seen one which locked out the "emergency user" since before the initial public release). I think that the "GenericSetup profile" feature would make some of the first issue better, as we could ship "known good" configurations of the stock plugins. In fact, 1.4 includes such a profile, "simple", which sets up a working configuration, using ZODB-based users and groups. The remaining "roughness" bit is documentation: because the framework is so pluggable, there are lots of options when setting it up. While documenting the intent of the framework is fairly straghtforward, writing useful "user-level" docs for people who don't expect to spend the time to understand it is way harder. Tres. - -- =================================================================== Tres Seaver +1 202-558-7113 tseaver@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE9Ew2+gerLs4ltQ4RAtkxAKCIYy3+74gEayRxIkZqGQYhWabRvACcDhdv NqyPch1W3qqE9y+KQq0cJmk= =UsZc -----END PGP SIGNATURE-----
Previously Tres Seaver wrote:
The remaining "roughness" bit is documentation: because the framework is so pluggable, there are lots of options when setting it up. While documenting the intent of the framework is fairly straghtforward, writing useful "user-level" docs for people who don't expect to spend the time to understand it is way harder.
User searching/enumeration is a spot of 'roughness' as well. The current plugins only support searching by id and login with a "TODO: try using 'kw'" remark. I am scheduled to do a tutorial on PAS at the Plone Conference in Seattle in October; that might result in some user documentation as a side product. Wichert. -- Wichert Akkerman <wichert@wiggy.net> It is simple to make things. http://www.wiggy.net/ It is hard to make things simple.
participants (4)
-
Andreas Jung -
Tino Wildenhain -
Tres Seaver -
Wichert Akkerman