[Zope-dev] struggeling with a sessionbased LoginMethod
Joseph Wayne Norton
norton@alum.mit.edu
Wed, 07 Nov 2001 23:41:06 +0900
Joachim -
I can't help you with LoginManager, but I did build a customized
version of the acl_users folder that is tightly integrated with core
session tracking. You might want to consider using it or simply to
duplicate the same behavior. Please see the e-mail below.
regards,
- joe n
At Mon, 29 Oct 2001 15:35:03 +0900,
norton wrote:
>
>
> I have updated the tarball for CoreSessionUserFolder product (version
> 0.0.3) on the zope.org website. You can access the tarball from my
> home page at:
>
> http://www.zope.org/Members/natsukashi/index.html
>
> I have changed the implementation slightly and refined the usage
> model. The basic idea is that an anonymous session object is
> automatically converted into a zope user object given some trigger
> criteria. After conversion to a zope user object, the anonymous web
> user is granted access via zope's security machinery to some protected
> resource (like index_html). The session user/object will then be
> automatically deleted unless the session's life is extended by another
> trigger criteria. By using CookieCrumbler in conjunction with
> CoreSessionUserFolder, all of the login/logout mechanisms are nicely
> hidden from the anonymous user.
>
> I have also included a small demo *.zexp (install/README.txt) that can
> be used out-of-the-box once all of the necessary patches
> (patches.README.txt) have been applied. It requires zope 2.4.*, CST
> 0.0.9, and the cookie crumbler product.
>
> I have labeled it a prototype simply because it has not been reviewed
> yet outside of our organization. Unless there are any troubles, this
> product will be in production usage tomorrow. You can access the
> website (a fortune telling site) given the following url:
>
> http://www.unkei.com/unkei/menu.html
>
> A CoreSessionUserFolder backs each of the content menus and implements
> a pay-per-view service where a credit card purchase acts as the
> session extending trigger. Unfortunately, the content is only in
> Japanese and a payment using a major credit card is required to view
> the content.
>
> Obviously, any feedback good or bad are appreciated.
>
> - joe n.
>