[Zope-CMF] change_password doesn't (because MemberData makes
invalid assumptions)
Jens Vagelpohl
jens at zope.com
Thu Aug 14 08:53:23 EDT 2003
> Yes, bad example, I admit. I read between the lines that when
> providing a user folder one has to provide membership/data components
> as well. Can do.
Not necessarily. If you user folder acts just like the standard user
folder and has all the methods expected by the standard CMF tools then
you don't. Unfortunately some APIs on the normal user folder are simply
inappropriate for the LDAPUserFolder, so it has some slightly different
APIs and therefore needs some slightly different membership tools for
the CMF.
> Remains the question, why credentialsChanged() is not allowed to
> modify the user database. Or more specific, if I have a user folder
> that provdes the credentialsChanged() API to make portal_membership
> think it is a LoginManager, is it allowed to change the user database
> at this point? If not, why?
Here's what the interfaces file says for the credentialsChanged method::
Notifies the authentication mechanism that this user has changed
passwords. This can be used to update the authentication
cookie.
Note that this call should *not* cause any change at all to user
databases.
I read this as being only for notification purposes, not for doing the
actual work.
jens
More information about the Zope-CMF
mailing list