[Zope] Form-based login/cookies/exUserFolder

Andy Gimblett andy.gimblett@ftech.net
Mon, 9 Jul 2001 11:12:28 +0100


Hi all,

I'm struggling with several aspects user authentication, perhaps
someone can help me out? I've tried to put the pieces together
myself, but there are big gaps...

Firstly, I need form-based login/logout - not a popup window.
Am I correct that to do this I need cookie based
authentication not basic authentication? If so, why is that?
What's the mechanism here?

I've been using exUserFolder, and it seems pretty cool - I'm
authenticating against a MySQL table and I've been
able to write my own authentication routines and plug them in
without any problem. But I can't get it to do form-based logins.
When you create an exUserFolder it asks if you want basic or
cookie authentication, but this seems to make no difference to
whether or not I get the basic authentication pop-up box. Does
anyone have any ideas or input as to what I'm doing wrong?

I've also played a bit with Core Session Tracking, and I'm
wondering if and how to integrate that with this process. :-) In
particular I want to automatically log people in under
certain circumstances. Is CST overkill? Should I just set and
look for a cookie in my exUserFolder-based auth routines? But
then wouldn't CST be a good way of managing those cookies rather
than doing it by hand?

All advice appreciated, and if any amazingly kind person wants to
discuss this on #zope, I'm there too. :-)

Cheers,

-Andy

-- 
Andy Gimblett - Programmer - Frontier Internet Services Limited
Tel: 029 20 820 044 Fax: 029 20 820 035 http://www.frontier.net.uk/
Statements made are at all times subject to Frontier's Terms and
Conditions of Business, which are available upon request.