On Wed, Mar 15, 2000 at 02:23:43PM -0500, Pavlos Christoforou wrote:
I have not touched the authentication machinery yet so I must rely on other Zopistas efforts. There is a LoginManager which is part of the PTK. Seems to be well thought out, and it seems to provide a very general and broad solution to the authentication problem, but I have no idea whether or how it works.
The Login Manager looks good because, unlike GUF and UserDb, it allowed me to use the admin/supervisor password to authenticate straight away and so didn't lock me out of the directory. I actually gave up on GUF because I _couldn't_ get it to let me in in the first place to set up my db methods. The password that is supposed to be built in didn't work at all, neither did the supervisor one. To me this is the biggest problem with the other existing systems, that they lock you out of your site and there is little you can do about it. (In UserDb I had to comment out parts of the security code to get it to let me in and set it up properly. After it was set up it worked fine and I could put the code back.)
Another useful add on is for GUF to ship a complete example of its usage based on standard Zope objects (Folders etc). Maybe as an exported folder that the user can optionally import.
All authentication stuff from a database is going to require the person to customise their own sql we can't make custom authentication methods any easier than that, but in the simplest case this should be _all_ they have to do. The supervisor password should _always_ work in any authentication method from the beginning and it should be made clear that people are going to have to authenticate using that particular password until they have the rest of their site set up. Anyway, the LoginManager looks very clean. It already doesn't have a lot of the old problems and I like the abstraction. Now I just have to finish getting DCOracle working (annoying truncated .so files...). -- Evan ~ThunderFoot~ Gibson ~ nihil mutatem, omni deletum ~ May the machines watch over you with loving grace.