On Tue, 12 Oct 1999, Jim Sanford wrote:
> I handled this by creating a username and password in the top level acl_users folder. I then wrap every call to retrieve data in a call (<dtml-in "Query.UserSettings()">) to an SQL method that returns permissions and other settings for the authenticated user's name. The SQL methods have embedded tests for what data can be returned based on the user settings.

You want your security defined in one place though. If the security is defined at the database backend, then multiple front ends (one of which can be Zope) can be used securely. I also have Luddites to support who require command line tools to generate their reports (hmm.... todo.... use a 'lynx -source' wrapper for future report updates....)

 ___
   //     Zen (alias Stuart Bishop)     Work: zen@cs.rmit.edu.au
  // E N  Senior Systems Alchemist      Play: zen@shangri-la.dropbear.id.au
 //__     Computer Science, RMIT        WWW: http://www.cs.rmit.edu.au/~zen
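
The backend-enforced approach discussed in the reply above, as an added example that is not part of the original thread or either poster's code. It assumes PostgreSQL (9.2 or later) and that each end user has their own database login; the table, view and role names and the sample rows are constructed for illustration.

```sql
-- Per-user settings live in the database, keyed by database login name.
CREATE TABLE user_settings (
    username       text PRIMARY KEY,
    department     text NOT NULL,
    can_see_salary boolean NOT NULL DEFAULT false
);

CREATE TABLE staff (
    id         serial PRIMARY KEY,
    name       text NOT NULL,
    department text NOT NULL,
    salary     numeric(10,2) NOT NULL
);

-- Constructed sample data.
INSERT INTO user_settings VALUES
    ('alice', 'physics', true),
    ('bob',   'physics', false);
INSERT INTO staff (name, department, salary) VALUES
    ('Carol', 'physics',   72000.00),
    ('Dave',  'chemistry', 68000.00);

-- Base tables are never readable directly by front-end users.
REVOKE ALL ON staff, user_settings FROM PUBLIC;

-- The permission tests live in one view. current_user is the role the
-- caller is running as, so every front end (web, command line, reporting
-- script) sees the same filtered rows without re-implementing the rules.
-- security_barrier stops caller-supplied predicates from being evaluated
-- against rows the view would have filtered out.
CREATE VIEW my_staff WITH (security_barrier) AS
SELECT s.id,
       s.name,
       s.department,
       CASE WHEN u.can_see_salary THEN s.salary END AS salary
FROM   staff s
JOIN   user_settings u ON u.department = s.department
WHERE  u.username = current_user;

-- Access is granted on the view only, through a group role.
CREATE ROLE report_readers NOLOGIN;
CREATE ROLE alice LOGIN IN ROLE report_readers;
CREATE ROLE bob   LOGIN IN ROLE report_readers;
GRANT SELECT ON my_staff TO report_readers;
```

Connected as `bob`, `SELECT * FROM my_staff` returns only the physics row with a NULL salary, while a direct `SELECT` on `staff` is refused. A front end that connects through one shared account would have every query evaluated as that account, so it needs to connect as the end user or switch with `SET ROLE` for the rules to apply per person.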