Jason Leach wrote:

Zope:

If I need to authentication agains a SQL db, is it worth using a product like PluggableUserFolder or can I just whip up a form, query and PythonScript to do this? I don't need to add or manage users, just authenticate them? Check user/passwd.

Jason.

Hello, if you want your users to be full Zope users, then yes, you need to use a custom User folder. If not, then you need to make sure that each and every request includes a call to your auth function and validates each request to make sure that the user is still online. There are some use cases when this is acceptable (I have developed such as system with TTW code and it works very well), however this measn that you are totally by-passing Zope security; i.e. Zope will conisder each request as made by the anonymous user. If this is not what you expect, then I suggest you study what userfolder repalcements are avialble. Fos CPS I think (not sure) you need to find a plug-in for Pluggable User Folder; if you are not using CPS then I can recommend, Extensible User Folder (XUF) which is sort of like the swiss-army knife of user folders or SimpleUSerFolder which is really simple bu is designed specifically for this use case. Hope this helps /dario -- -- ------------------------------------------------------------------- Dario Lopez-Kästen, IT Systems & Services Chalmers University of Tech.