[Zope-dev] PAS, AuthEncoding and zope.password

Martijn Pieters mj at zopatista.com
Sun Feb 20 06:39:57 EST 2011


On Sun, Feb 20, 2011 at 11:56, Hanno Schlichting <hanno at hannosch.eu> wrote:
> Yes, changing the existing interface would require a 4.0. If you'd add
> a new interface extending the IPasswordManager one, we could do it in
> a 3.x release.
>
> A new zope.password 3.x release could go into both ZTK 1.1 and 1.0, a
> backwards incompatible 4.0 would have to wait for ZTK 1.2.

Right. What would be a suitable name for the extended interface?
IMatchingPasswordManager?

I've committed a revision that implements this as an extension to the
existing interface:

  http://zope3.pov.lt/trac/changeset/120458/zope.password/trunk

but that's easy enough to change.

I've also found that the SHA1 scheme in zope.password uses the {SHA1}
prefix, which is incompatible with LDAP and
AccessControl.AuthEncoding, which both use {SHA} instead. I'll change
zope.password to support {SHA} as well, defaulting to that prefix.

>> What version of Zope2 can start using the
>> new AccessControl package with a "zope.password >= 4.0.0" dependency?
>
> This depends on the changes in AccessControl and how backwards
> compatible they are.
>
> If backwards compatibility is preserved, this can go into Zope 2.13
> and trunk, since we allow minor feature additions in the stable
> series. Zope 2.12 is at a 2.12.15 release now and at the end of its
> lifecycle - it'll only see bugfixes.

It'll be backwards compatible. I'm planning to keep supporting legacy
schemes registered with registerScheme, with listSchemes listing
zope.password managers as well.

The only thing that could perhaps be removed are the SSHADigestScheme
and SHADigestSCheme classes, as these will be completely redundant
with zope.password support.

-- 
Martijn Pieters


More information about the Zope-Dev mailing list