[Grok-dev] Re: Grokwiki Security in Eggified Grok
Philipp von Weitershausen
philipp at weitershausen.de
Mon Aug 20 05:57:45 EDT 2007
Uli Fouquet wrote:
> By default the PAU added by the admin-UI parses site.zcml to grab the
> administrator users' name, password and roles.
I don't like this approach at all. I think the PAU that you install
should be able to fall back to the global IAuthentication utility (which
happens to be filled by the statements in site.zcml). There should be no
need for a local one-off copy of whatever is specified in site.zcml. As
we've seen, this leads to a lot of confusion.
It may be necessary to write a new authenticator plug-in that
specifically authenticates against the global principal registry. This
should be trivial, though.
In addition to that, having user management for the installed PAU would
be very nice indeed!
--
http://worldcookery.com -- Professional Zope documentation and training
More information about the Grok-dev
mailing list