[Zope-PAS] Cookie Auth Monopolizes Challenge?

Sidnei da Silva sidnei at enfoldsystems.com
Sat Aug 13 00:34:02 EDT 2005


On Thu, Aug 11, 2005 at 11:14:53PM -0300, Sidnei da Silva wrote:
| So my proposal would be to special-case the IChallengePlugin and let
| the site manager (or whatever title the person in charge of
| configuring PAS has) select which set of 'protocols' is allowed for
| each 'request type', where 'request type' would fall into 'browser,
| xml-rpc, webdav, ftp' but could be extended to support new
| request type. In fact, maybe this part could even be abstracted into a
| 'IRequestTypeSniffer' plugin.

So, here it is. I've implemented this idea and it has been checked
in. You can find it on the branch:

  sidnei-challenge-protocol-chooser

I've added a functional doctest to exemplify how it works:

http://cvs.zope.org/Products/PluggableAuthService/plugins/tests/Attic/ChallengeProtocolChooser.txt?rev=1.1.2.1&only_with_tag=sidnei-challenge-protocol-chooser

I would like to merge this branch early next week and make a new
release of PAS if everyone is fine with it (Remember: silence is
consent!) for inclusion on the next beta release of Enfold Server
which is scheduled for Wednesday, Aug 17.

-- 
Sidnei da Silva
Enfold Systems, LLC.
http://enfoldsystems.com


More information about the Zope-PAS mailing list