Re: [Zope] GUF: Generic User Folder
jon prettyman <jprettyma-@acm.org> wrote:
Not to mention, it will only authenticate DTML constructs, not content such as PDF's, static HTML files, ... ... "Evan Simpson" <evan@4-am.com> writes:
I wouldn't recommend it; Changes in the implementation of the authentication machinery will break this, probably in the next release.
I know, I know. :) But how otherwise do I get you people to come out from hiding without posting a hack like that? :) GUF has problems and we have to face it. If a product takes a few days to install, if a product locks newbies up and send them into panic attack, it has problems. Please just look up past postings in the mailing list... headers like "Bad... very bad" and "GenericUserFolder has locked me out" are just heartbreaking. :) If I have time I'll find something better, or make something better. :) Evan: (1) When the the next version of Zope coming out? It fixes a tiny bug that I reported. :) Will it have a native feature like SiteAccess that you have mentioned before? (2) Could you describe briefly how the traverse machinery works in Zope? I'd like to take a look into it. Which Python files are involved? regards! Hung Jung ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
On Wed, 15 Mar 2000, Hung Jung Lu wrote:
I know, I know. :) But how otherwise do I get you people to come out from hiding without posting a hack like that? :)
GUF has problems and we have to face it. If a product takes a few days to install, if a product locks newbies up and send them into panic attack, it has problems. Please just look up past postings in the mailing list... headers like "Bad... very bad" and "GenericUserFolder has locked me out" are just heartbreaking. :)
If I have time I'll find something better, or make something better. :)
I have not touched the authentication machinery yet so I must rely on other Zopistas efforts. There is a LoginManager which is part of the PTK. Seems to be well thought out, and it seems to provide a very general and broad solution to the authentication problem, but I have no idea whether or how it works. Another useful add on is for GUF to ship a complete example of its usage based on standard Zope objects (Folders etc). Maybe as an exported folder that the user can optionally import.
On Wed, Mar 15, 2000 at 02:23:43PM -0500, Pavlos Christoforou wrote:
I have not touched the authentication machinery yet so I must rely on other Zopistas efforts. There is a LoginManager which is part of the PTK. Seems to be well thought out, and it seems to provide a very general and broad solution to the authentication problem, but I have no idea whether or how it works.
The Login Manager looks good because, unlike GUF and UserDb, it allowed me to use the admin/supervisor password to authenticate straight away and so didn't lock me out of the directory. I actually gave up on GUF because I _couldn't_ get it to let me in in the first place to set up my db methods. The password that is supposed to be built in didn't work at all, neither did the supervisor one. To me this is the biggest problem with the other existing systems, that they lock you out of your site and there is little you can do about it. (In UserDb I had to comment out parts of the security code to get it to let me in and set it up properly. After it was set up it worked fine and I could put the code back.)
Another useful add on is for GUF to ship a complete example of its usage based on standard Zope objects (Folders etc). Maybe as an exported folder that the user can optionally import.
All authentication stuff from a database is going to require the person to customise their own sql we can't make custom authentication methods any easier than that, but in the simplest case this should be _all_ they have to do. The supervisor password should _always_ work in any authentication method from the beginning and it should be made clear that people are going to have to authenticate using that particular password until they have the rest of their site set up. Anyway, the LoginManager looks very clean. It already doesn't have a lot of the old problems and I like the abstraction. Now I just have to finish getting DCOracle working (annoying truncated .so files...). -- Evan ~ThunderFoot~ Gibson ~ nihil mutatem, omni deletum ~ May the machines watch over you with loving grace.
On Wed, Mar 15, 2000 at 02:23:43PM -0500, Pavlos Christoforou wrote:
I have not touched the authentication machinery yet so I must rely on other Zopistas efforts. There is a LoginManager which is part of the PTK. Seems to be well thought out, and it seems to provide a very general and broad solution to the authentication problem, but I have no idea whether or how it works.
The Login Manager looks good because, unlike GUF and UserDb, it allowed me to use the admin/supervisor password to authenticate straight away and so didn't lock me out of the directory.
I actually gave up on GUF because I _couldn't_ get it to let me in in the first place to set up my db methods. The password that is supposed to be built in didn't work at all, neither did the supervisor one.
I posted a work around for that on this mailing list a couple of days ago. And yes whilst it is frustrating it is no where near as hard as writing an authentication product from scratch (which from experience is difficult).
To me this is the biggest problem with the other existing systems, that they lock you out of your site and there is little you can do about it. (In UserDb I had to comment out parts of the security code to get it to let me in and set it up properly. After it was set up it worked fine and I could put the code back.)
Another useful add on is for GUF to ship a complete example of its usage based on standard Zope objects (Folders etc). Maybe as an exported folder that the user can optionally import.
Last time I used it came with a very simple example already. All you need to do is add in your logic and you're away. The SQL Howto on the website is very informative (cheers to whoever wrote that).
All authentication stuff from a database is going to require the person to customise their own sql we can't make custom authentication methods any easier than that, but in the simplest case this should be _all_ they have to do. The supervisor password should _always_ work in any authentication method from the beginning and it should be made clear that people are going to have to authenticate using that particular password until they have the rest of their site set up.
Anyway, the LoginManager looks very clean. It already doesn't have a lot of the old problems and I like the abstraction. Now I just have to finish getting DCOracle working (annoying truncated .so files...).
Sorry I think that the GUF is also very clean and quite easy to work with. I think GUF is great as it is. Thanks a lot to Zen for contributing it. Cheers, Benno
On Thu, Mar 16, 2000 at 10:12:08AM +1100, Ben Leslie wrote:
I actually gave up on GUF because I _couldn't_ get it to let me in in the first place to set up my db methods. The password that is supposed to be built in didn't work at all, neither did the supervisor one.
I posted a work around for that on this mailing list a couple of days ago. And yes whilst it is frustrating it is no where near as hard as writing an authentication product from scratch (which from experience is difficult).
Heh. I certainly wouldn't want to do it from scratch myself... I just tracked down your work around again and now remember why it didn't help me. I actually have a UserDb in my root directory and that's what I'm trying to get rid of (Since I'm moving to Oracle anyway I thought I'd change to a supported product since UserDb has been giving me a few obscure problems at times.) So since it doesn't support the admin user either your suggestion doesn't help. I will, however, try making a normal user folder in a subdirectory and then try to set GUF up in a subdirectory of that...
Anyway, the LoginManager looks very clean. It already doesn't have a lot of the old problems and I like the abstraction. Now I just have to finish getting DCOracle working (annoying truncated .so files...). Sorry I think that the GUF is also very clean and quite easy to work with.
Grin. Seeing I never managed to get into GUF's management interface in the first place I can't really comment on how clean it is.
I think GUF is great as it is. Thanks a lot to Zen for contributing it.
Definitely.
Benno
Evan Gibson. -- Evan ~ThunderFoot~ Gibson ~ nihil mutatem, omni deletum ~ May the machines watch over you with loving grace.
participants (4)
-
Ben Leslie -
Evan Gibson -
Hung Jung Lu -
Pavlos Christoforou