OK, time for another Zen fix :-) It looks like I've almost got PTK working with the latest LoginManager. The remaining problem is that the login form doesn't work. I've finally figured out why. PTKBase.MemberFolder.MemberFolderBase.validate is much hairier than LoginManager.LoginManager.validate. A rough sketch is like this: if req_has('__ac'): ... handle cookie login ... if req_has('__ac_name') and req_has('__ac_password'): ... handle explicit login ... if auth and lower(auth[:6]) != 'basic': ... do basic authentication ... ... climb up the acquisition hierarchy ... ... try anonymous ... I know that the official way to do most of this sort of thing with LoginManager is by defining new LoginMethods, but I just don't see how to make LoginManager even try the LoginMethods at the correct time without overriding validate. Am I on the right track here? Dan Pierson
At 06:02 PM 5/19/00 -0400, Dan L. Pierson wrote:
LoginManager.LoginManager.validate. A rough sketch is like this:
if req_has('__ac'): ... handle cookie login ...
if req_has('__ac_name') and req_has('__ac_password'): ... handle explicit login ...
if auth and lower(auth[:6]) != 'basic': ... do basic authentication ...
... climb up the acquisition hierarchy ...
... try anonymous ...
LoginManager will behave just like your outline, if you give it a BasicCookie LoginMethod, and a BasicAuth LoginMethod, in that order. LoginManager does not climb up the acquisition hierarchy, as that is properly the province of ZPublisher to do. It will provide the anonymous user, if it is a top-level user folder.
I know that the official way to do most of this sort of thing with LoginManager is by defining new LoginMethods, but I just don't see how to make LoginManager even try the LoginMethods at the correct time without overriding validate.
Am I on the right track here?
Not as far as I can see. You shouldn't even need any custom LoginMethods, the out-of-the-box ones should work just fine.
participants (2)
-
Dan L. Pierson -
Phillip J. Eby