+-------[ Tom Trelvik ]---------------------- | Chris Withers wrote: | >PluggableAuthenticationService is your friend, you may not even need PAM | >;-) | | I'm sure PluggableAuthService -- and exUserFolder, etc. -- are great | and all, but if you don't mind my asking the dumb question ... why | reinvent a perfectly good wheel? This seems like exactly the kind of | thing PAM was designed for. One product introducing PAM support would | eliminate the need to support most of these other authentication | schemes. And with the kind of extensibility already available, it'd | still be perfectly possible to create your own authentication method if 1st, you need PAM support on every platform. 2nd, you need python/zope bindings for PAM that don't impose licensing restrictions on you. The current PyPAM bindings are GPL (not even LGPL), so that pretty much restricts the pool of people willing to bind to them. (Motivation for me to write my own bindings is pretty low). 3rd, you underestimate just what people want out of their web app. They don't want to setup PAM and deal with new mysterious TLA crap, when their database or NT server is already working just fine. 4th, people use these things to manage users not just auth them, and PAM unfortunately doesn't do that. In other words, if people wanted it badly enough, it'd be done. Let me know when you're finished d8) -- Andrew Milton akm@theinternet.com.au