[Zope3-Users] Pluggable Authentication with stock user/manager principals?

Sebastian Bartos seth.kriticos at googlemail.com
Wed Jan 7 19:46:04 EST 2009


Hello there Zope3 folks,

I'm kind of new to Zope 3. Was playing around with Zope 2 and Plone for
a while before I settled with Zope 3 a few months ago. Starting to get
the hang out of it (well, slowly).

Anyway, still have some issues. Right now I'm working on the user
registration and authentication system for a community site project.
Managed to get the PAU with sessions and the form authenticator into the
system, but got a bit stuck on how to combine it with the stock
principals like the admin user and the zcml files. The security and
authentication system of Zope 3 still makes me wonder. Anybody got some
good reference and/or tutorial I may have missed with google there? (Was
already searching quite a bit, turning in circles now).

--- NOTE: My view of Zope 3 after only a very few month of experience
with it is following. More philosophical, stop reading if not
interested! ---

Anyway, just to cheer up the mood on the list. Now that I start to
understand Zope 3 I really love it. I basically did the crash course
coming from C/C++ to Zope 3 without the general Python part. Now I try
to do some other projects in Python not related to Zope and they are
just somehow painful. Miss the schema based data structures, the object
database and a bunch of other things.

Side question: is there an easy way to take small parts of Zope 3, like
for example the schema system to another project without taking the
whole Zope server?

What also quite annoyed me with the 'normal' python crowd is that they
just mean to use .INI based configuration (which I don't like coming
from a Linux based environment). Of course the zcml system does a lot of
magic that is quite hard to gasp, but I understood it's purpose
(refactoring) and it's quite nice.

Also read the book of Philipp von Weisenhausen. It has some nice
sections (especially the first 2/3-rd of the book), but somehow I get
the feeling that he lost the thread in the last section. I mean, most of
the things there are just hinted with a "the rest is up to you" and it
has some inconsistencies too. Also the examples in the last part (with
the login form for example) are broken on my system. Maybe that is just
local to me. Still for a book of this magnitude (especially if it is one
of only two books) would do much better with a support forum (just a
place for people to meet and throw in ideas, discuss questions that may
arise). Now doing a some searching on the web it seems that Weisenhausen
is not into the topic too much since more than a year.

Also things like z3labs being down and indexed by google a lot are no
good for getting confidence.

I know Zope 3 is alive and well, but it really seems to me that most of
the communication is going on the source level and it is really hard for
newcomers to get the entry to this wonderful system.

The Zope 3 book also says it is out of date on the wiki page. Also not
very encouraging.

Well, because I just start to like the system so much I just wonder
about all these issues and wanted to put a current newcomer perspective
on the list.

Maybe things can be done better. I may also be able to contribute to the
documentation having a little experience on writing if there were a few
people interested in a bit of this kind of activity maybe as a group.

That's not all, but I don't want to take more of your time now. Tanks
for reading and I would be glad to hear some opinions on the topic.

-- 
Sebastian Bartos, <seth.kriticos at googlemail.com>
keyserevr: pgp.mit.edu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://mail.zope.org/pipermail/zope3-users/attachments/20090108/32980395/attachment.bin 


More information about the Zope3-users mailing list