[Zope-dev] Authentication Patch
Stuart 'Zen' Bishop
zen@cs.rmit.edu.au
Thu, 27 Jan 2000 14:01:35 +1100 (EST)
On Tue, 25 Jan 2000, Anthony Baxter wrote:
> I'm trying to puzzle through the access control code - right now,
> if a login validate method fails, they typically do something like
> raise 'LoginRequired', self.docLogin(self, request)
>
> should they just, in this case, return back None, and let the machinery
> deal with it? Hm, in that case, wouldn't that then just recurse back through
That would be correct.
> the parent folders looking for additional access controls? So if you had
> /a/acl_users and /a/b/acl_users, and both used something like the above,
> a request to /a/b/foo would get the /a/acl_users' docLogin page... ?
Yes. I don't see a problem with this as long as its documented. It
would be possible for /a/acl_users to see if the hook as already been
modified, and not mess with it if that is the case.
--
___
// Zen (alias Stuart Bishop) Work: zen@cs.rmit.edu.au
// E N Senior Systems Alchemist Play: zen@shangri-la.dropbear.id.au
//__ Computer Science, RMIT WWW: http://www.cs.rmit.edu.au/~zen