[Repoze-dev] [issue174] repoze.who 2.0a3 doesn't respect the WSGI PEP

[Tres Seaver]

Tres Seaver tsea...@agendaless.com added the comment:

I have committed an extension of the fix for the 2.0 final release which
closes the iterable before raising the RuntimeError when no challenger is
available.

--
status: chatting - resolved

__
Repoze Bugs b...@bugs.repoze.org
http://bugs.repoze.org/issue174
__
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

[Repoze-dev] [issue66] remove port from cookie path

[Tres Seaver]

Tres Seaver tsea...@agendaless.com added the comment:

Fix committed for the 2.0 final release.

--
status: chatting - resolved

__
Repoze Bugs b...@bugs.repoze.org
http://bugs.repoze.org/issue66
__
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

[Repoze-dev] [issue99] max_age in repoze.who-friendlyform

[Tres Seaver]

Tres Seaver tsea...@agendaless.com added the comment:

The form plugins are deprecated, and no longer distributed with
repoze.who 2.0:

  http://svn.repoze.org/repoze.who.deprecatedplugins/tags/2.0/

--
status: unread - deferred

__
Repoze Bugs b...@bugs.repoze.org
http://bugs.repoze.org/issue99
__
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

[Repoze-dev] [issue89] AuthTktPlugin fails with Opera, if non-standard port used

[Tres Seaver]

Tres Seaver tsea...@agendaless.com added the comment:

This is indeed a duplicate of issue55.

The port is now stripped on the trunk:  this fix should appear in the 2.0 final
release.

--
status: chatting - resolved

__
Repoze Bugs b...@bugs.repoze.org
http://bugs.repoze.org/issue89
__
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

[Repoze-dev] Announce: repoze.who 2.0 final released

[Tres Seaver]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On behalf of the repoze developers, I am pleased to announce the 2.0
release of the repoze.who authentication / authorization framework for
Python web applications.

Major features
==

- - Refactored the core framework to permit usage as an API from within
application code (e.g., for tighter integration of views such as
login forms). Applications using 'repoze.who'` now fall into
one of three catgeories:

- - middleware-only applications are configured with middleware, and
use either 'REMOTE_USER' or 'repoze.who.identity' from the
environment to determing the authenticated user.

- - bare metal applications use no 'repoze.who' middleware at all:
instead, they configure and an 'APIFactory' object at startup, and
use it to create an 'API' object when needed on a per-request
basis.

- - hybrid applications are configured with 'repoze.who' middleware,
but use a new library function to fetch the 'API' object from the
environ, e.g. to permit calling 'remember' after a signup or
successful login.

- - Enabled standard use of logging module's configuration mechanism.

Deprecations


- - Deprecated the following plugins, moving their modules, tests, and
docs to a new project, 'repoze.who.deprecatedplugins':

- - 'repoze.who.plugins.cookie.InsecureCookiePlugin' (applications
should use 'repoze.who.plugins.auth_tkt.AuthTktPlugin' instead).

- - 'repoze.who.plugins.form.FormPlugin' (applications should implement
their own login forms, and use the new
'repoze.who.plugins.redirector.Redirector' plugin to issue the
appropriate challenge).

- - 'repoze.who.plugins.form.RedirectingFormPlugin' (applications should
implement their own login forms, and use the new
'repoze.who.plugins.redirector.Redirector' plugin to issue the
appropriate challenge).

Backward Incompatibilities
~~

- - The middleware used to allow identifier plugins to pre-authenticate
an identity. This feature is no longer supported: the 'auth_tkt'
plugin, which used to use the feature, is now configured to work as
an authenticator plugin (as well as an identifier).

- - The 'repoze.who.middleware:PluggableAuthenticationMiddleware' class
no longer has the following (non-API) methods (now made API methods
of the 'repoze.who.api:API' class):

- - 'add_metadata'
- - 'authenticate'
- - 'challenge'
- - 'identify'

- - The following (non-API) functions moved from 'repoze.who.middleware'
to 'repoze.who.api':

- - 'make_registries'
- - 'match_classification'
- - 'verify'

Please report bugs to the repoze bug tracker:

http://bugs.repoze.org/

Questions should be directed to the 'repoze-dev@lists.repoze.org' mailing
list.

Enjoy!


Tres.
- -- 
===
Tres Seaver  +1 540-429-0999  tsea...@palladion.com
Palladion Software   Excellence by Designhttp://palladion.com

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk6DdqYACgkQ+gerLs4ltQ7jqACfd38u5XScdDC7Qq3lyUeY0lZF
81MAn3FMSr20vYt+ToioRiei2ekBvfh8
=3nSc
-END PGP SIGNATURE-
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev