[Zope-dev] Cookie Crumbler and similar products (Re: Zope 2.6 project updated)

[Christian Theune]

Well. (This answer could also be posted a bit up the thread)

I think we see that Cookie Crumbler may not be the solution to what i
originally itended - the availability of cookie based authentication
in the standard userfolder. Due to its problems, it seems as if it would
be best, to extend the first userfolder again (currently a userfolder
on the api has no idea about different authentication methods at all, or am
i wrong?) but this would break the api - which changed in 2.5 afairk already
- again, which i do not desire just for the sake of proper logout of management
interface / cookie logins ... but i still believe it would be good to be there.

Greetings

Christian

On Tue, Mar 05, 2002 at 03:31:50PM -0500, Trevor Toenjes wrote:
> I like the idea of adding cookie auth to the API.  The user product choices
> are convoluted and I think the community would benefit from adding standard
> capability to the core.
> 
> Adding to that...
> my priority would be to extend acl_users folder to allow for built-in
> storage of additional user properties beyond username/password.
> Yes, there are user products that do this to a point, but an API that allows
> you to simply do it in ZODB would be ideal.
> 
> Maybe someone more familiar could determine a "best of" integration that
> addresses acl_users folder extensibility and security to add this to Z2.6.
> 
> -Trevor
> 

-- 
Christian Theune - ct@gocept.com
gocept gmbh & co.kg - schalaunische strasse 6 - 06366 koethen/anhalt
tel.+49 3496 3099112 - fax.+49 3496 3099118 mob. - 0178 48 33 981

reduce(lambda x,y:x+y,[chr(ord(x)^42) for x in 'zS^BED\nX_FOY\x0b'])