Re: pyramid_beaker vs beaker wsgi middleware
On Tue, Mar 01, 2011 at 01:35:46PM -0500, Tres Seaver wrote: > > sorry for some kind of off-topic, but what's the status on repoze.who > > 2.0? It seems a great piece of software, but why it's still in alpha > > stage? ... > Note that the core design, and much of the code, comes from r.who 1, > which has been in heavy use for years now. As an extra data point: we've also been using 2.0 in a project and it's been very solid. -- Brian Sutherland -- You received this message because you are subscribed to the Google Groups "pylons-devel" group. To post to this group, send email to pylons-devel@googlegroups.com. To unsubscribe from this group, send email to pylons-devel+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/pylons-devel?hl=en.
Re: pyramid_beaker vs beaker wsgi middleware
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/01/2011 04:02 AM, Andrey Popp wrote: > Hello Tres, > >> FWIW, repoze.who 2.0 explicitly works to enable / ease using the >> machinery where needed in the app by exposing the configured plugins via >> an API (the login and logout views are the obvious consumers). It also >> retainis the flexibility of middleware for enforcing policies. > > sorry for some kind of off-topic, but what's the status on repoze.who > 2.0? It seems a great piece of software, but why it's still in alpha > stage? 'alpha' means (to me, anyway) "maybe not feature complete." I've been working on another project which uses r.who 2, and which might (but I think likely won't) drive at least one more feature. I need about a half day free to get clarity on that issue. Note that the core design, and much of the code, comes from r.who 1, which has been in heavy use for years now. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1tPIIACgkQ+gerLs4ltQ4tAACgjFKhI/HiYwoJKN3qh4NXi6hZ IW4AoLWVPm4ld73+7283dU4Rd3aFqGDz =E2qK -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "pylons-devel" group. To post to this group, send email to pylons-devel@googlegroups.com. To unsubscribe from this group, send email to pylons-devel+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/pylons-devel?hl=en.
Re: pyramid_beaker vs beaker wsgi middleware
Hello Tres, > FWIW, repoze.who 2.0 explicitly works to enable / ease using the > machinery where needed in the app by exposing the configured plugins via > an API (the login and logout views are the obvious consumers). It also > retainis the flexibility of middleware for enforcing policies. sorry for some kind of off-topic, but what's the status on repoze.who 2.0? It seems a great piece of software, but why it's still in alpha stage? -- You received this message because you are subscribed to the Google Groups "pylons-devel" group. To post to this group, send email to pylons-devel@googlegroups.com. To unsubscribe from this group, send email to pylons-devel+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/pylons-devel?hl=en.
Re: pyramid_beaker vs beaker wsgi middleware
Clearly it will take time for individuals to understand which functionality best belongs in each layer. REMOTE_USER makes great middleware but it's trivial to move that bit, or sessions, into or out of Pyramid as desired. -- You received this message because you are subscribed to the Google Groups "pylons-devel" group. To post to this group, send email to pylons-devel@googlegroups.com. To unsubscribe from this group, send email to pylons-devel+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/pylons-devel?hl=en.
Re: pyramid_beaker vs beaker wsgi middleware
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/28/2011 09:46 AM, Daniel Holth wrote: >> There seems to be a trend in pyramid development of re-implementing a >> lot of what was previously done in various layers of wsgi middleware >> ( session, auth, ...) and moving those part inside the main >> application layer. Is there a reason for this? >> > > On the other hand, you probably aren't going to see gzip compression > re-implemented as a Pyramid component. > > WSGI is not a convenient way to compose integrated applications. WSGI > middleware lets you pretend your web server has a sessions feature, but the > only integration point is an awkward 'stick something in environ' interface. > > I've tried using middleware to add a login form to my application, and then > I tried implementing the login form in the application itself. It was > awkward and frustrating to setup a system that handles requests at two > layers of the call stack. It was much easier and smoother to just add the > login form to my application. I think this is a strong sign that > authentication is part of the application and belongs there. I would say that the login form may belong in the app (but ware SSO deployments!), but that the challenge machinery works *better* as middleware, because it allows your app to function better in mixed environments. FWIW, repoze.who 2.0 explicitly works to enable / ease using the machinery where needed in the app by exposing the configured plugins via an API (the login and logout views are the obvious consumers). It also retainis the flexibility of middleware for enforcing policies. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design"http://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1r01QACgkQ+gerLs4ltQ5TZQCeP0MCUvLOO0Y5GSSlwv7+lKd9 UHcAmwT7CP0G09u90rxj1zUaE25xPrsk =reoG -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "pylons-devel" group. To post to this group, send email to pylons-devel@googlegroups.com. To unsubscribe from this group, send email to pylons-devel+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/pylons-devel?hl=en.
Re: pyramid_beaker vs beaker wsgi middleware
On Sun, Feb 27, 2011 at 2:15 PM, oO wrote: > Sorry if this is a basic question, but as I'm starting to add more and > more layers of complexity to my first pyramid based applications, I'm > starting to wonder about some of the benefits of using pyramid > specific implementations as opposed to re-using the existing WSGI > plumbing (like I was doing with pylons) > > Sow what is the difference between installing beaker as a wsgi > middleware, vs using the pyramid_beaker package? > > Is it only that you end up accessing the session from request.session > instead of request.environ['beaker.session'] or are there other > advantages? > When you use request.session you are using the session interface documented by Pyramid. You can use beaker, or the built-in session implementation, or you could write your own, without having to change your code. > There seems to be a trend in pyramid development of re-implementing a > lot of what was previously done in various layers of wsgi middleware > ( session, auth, ...) and moving those part inside the main > application layer. Is there a reason for this? > On the other hand, you probably aren't going to see gzip compression re-implemented as a Pyramid component. WSGI is not a convenient way to compose integrated applications. WSGI middleware lets you pretend your web server has a sessions feature, but the only integration point is an awkward 'stick something in environ' interface. I've tried using middleware to add a login form to my application, and then I tried implementing the login form in the application itself. It was awkward and frustrating to setup a system that handles requests at two layers of the call stack. It was much easier and smoother to just add the login form to my application. I think this is a strong sign that authentication is part of the application and belongs there. Let WSGI implement the Web Server. -- You received this message because you are subscribed to the Google Groups "pylons-devel" group. To post to this group, send email to pylons-devel@googlegroups.com. To unsubscribe from this group, send email to pylons-devel+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/pylons-devel?hl=en.
