[Repoze-dev] integrating repoze.bfg with OAuth, OpenID, FacebookConnect etc... for authentication
Hi Folks I am looking for some advice. I need to be able to use multiple authentication sources for a new repoze.bfg based app. Do you think I should should use repoze.who etc... or try and hook the various auth directly under bfg's existing authenctication model ? Thanks Tim ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev
Re: [Repoze-dev] integrating repoze.bfg with OAuth, OpenID, FacebookConnect etc... for authentication
I don't think it makes much of a difference if you need to write it all from scratch anyway. Either would be fine. - C Tim Hoffman wrote: Hi Folks I am looking for some advice. I need to be able to use multiple authentication sources for a new repoze.bfg based app. Do you think I should should use repoze.who etc... or try and hook the various auth directly under bfg's existing authenctication model ? Thanks Tim ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev
Re: [Repoze-dev] integrating repoze.bfg with OAuth, OpenID, FacebookConnect etc... for authentication
Hi Chris On the face of it then , I will probably do the work as plugins to repoze.who as it seems there are a few repoze.who plugins already in existence for OAuth , openid, facebook connect etc that I can hopefully leverage off. Cheers T On Mon, Jan 25, 2010 at 6:46 PM, Chris McDonough chr...@plope.com wrote: I don't think it makes much of a difference if you need to write it all from scratch anyway. Either would be fine. - C Tim Hoffman wrote: Hi Folks I am looking for some advice. I need to be able to use multiple authentication sources for a new repoze.bfg based app. Do you think I should should use repoze.who etc... or try and hook the various auth directly under bfg's existing authenctication model ? Thanks Tim ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev
Re: [Repoze-dev] integrating repoze.bfg with OAuth, OpenID, FacebookConnect etc... for authentication
That would be a good reason to use r.who in this case, sure. Of course, if you don't have enough control when you use r.who, you can always take the code internal if you need to by creating a BFG authentication policy based on the code from these plugins. Tim Hoffman wrote: Hi Chris On the face of it then , I will probably do the work as plugins to repoze.who as it seems there are a few repoze.who plugins already in existence for OAuth , openid, facebook connect etc that I can hopefully leverage off. Cheers T On Mon, Jan 25, 2010 at 6:46 PM, Chris McDonough chr...@plope.com wrote: I don't think it makes much of a difference if you need to write it all from scratch anyway. Either would be fine. - C Tim Hoffman wrote: Hi Folks I am looking for some advice. I need to be able to use multiple authentication sources for a new repoze.bfg based app. Do you think I should should use repoze.who etc... or try and hook the various auth directly under bfg's existing authenctication model ? Thanks Tim ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev
Re: [Repoze-dev] integrating repoze.bfg with OAuth, OpenID, FacebookConnect etc... for authentication
Hi Chris Control was definately one of the concerns. But I am only relying on a potential pool of authentication providers (google, facebook, myspace ) for basic user auth. It is also possible that I may need to run on appengine, so I may take the approach of building repoze.who plugins along the line of the existing AEoid wsgi middleware by Nick Johnson (http://blog.notdot.net/2009/12/OpenID-on-App-Engine-made-easy-with-AEoid) for openid that mirrors much of the existing google app engine user auth api. I am still just collecting ideas for approaches at the moment, trying to see what code is out there that I can leverage off. I also have a requirement for an authorization model that is fairly sophisticated (once I have identified users) with persistent ACL's and some workflow. T On Mon, Jan 25, 2010 at 10:02 PM, Chris McDonough chr...@plope.com wrote: That would be a good reason to use r.who in this case, sure. Of course, if you don't have enough control when you use r.who, you can always take the code internal if you need to by creating a BFG authentication policy based on the code from these plugins. Tim Hoffman wrote: Hi Chris On the face of it then , I will probably do the work as plugins to repoze.who as it seems there are a few repoze.who plugins already in existence for OAuth , openid, facebook connect etc that I can hopefully leverage off. Cheers T On Mon, Jan 25, 2010 at 6:46 PM, Chris McDonough chr...@plope.com wrote: I don't think it makes much of a difference if you need to write it all from scratch anyway. Either would be fine. - C Tim Hoffman wrote: Hi Folks I am looking for some advice. I need to be able to use multiple authentication sources for a new repoze.bfg based app. Do you think I should should use repoze.who etc... or try and hook the various auth directly under bfg's existing authenctication model ? Thanks Tim ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev
Re: [Repoze-dev] integrating repoze.bfg with OAuth, OpenID, FacebookConnect etc... for authentication
My experience so far with helping people who want lots and lots of control about how a login UI works with r.who has not been stellar; this is the only reason I mention being able to cutnpaste code into a BFG authentication policy. When you use a custom authentication policy, you can still control the horizontal and vertical of login and logout, whereas with r.who, you typically have less control. - C Tim Hoffman wrote: Hi Chris Control was definately one of the concerns. But I am only relying on a potential pool of authentication providers (google, facebook, myspace ) for basic user auth. It is also possible that I may need to run on appengine, so I may take the approach of building repoze.who plugins along the line of the existing AEoid wsgi middleware by Nick Johnson (http://blog.notdot.net/2009/12/OpenID-on-App-Engine-made-easy-with-AEoid) for openid that mirrors much of the existing google app engine user auth api. I am still just collecting ideas for approaches at the moment, trying to see what code is out there that I can leverage off. I also have a requirement for an authorization model that is fairly sophisticated (once I have identified users) with persistent ACL's and some workflow. T On Mon, Jan 25, 2010 at 10:02 PM, Chris McDonough chr...@plope.com wrote: That would be a good reason to use r.who in this case, sure. Of course, if you don't have enough control when you use r.who, you can always take the code internal if you need to by creating a BFG authentication policy based on the code from these plugins. Tim Hoffman wrote: Hi Chris On the face of it then , I will probably do the work as plugins to repoze.who as it seems there are a few repoze.who plugins already in existence for OAuth , openid, facebook connect etc that I can hopefully leverage off. Cheers T On Mon, Jan 25, 2010 at 6:46 PM, Chris McDonough chr...@plope.com wrote: I don't think it makes much of a difference if you need to write it all from scratch anyway. Either would be fine. - C Tim Hoffman wrote: Hi Folks I am looking for some advice. I need to be able to use multiple authentication sources for a new repoze.bfg based app. Do you think I should should use repoze.who etc... or try and hook the various auth directly under bfg's existing authenctication model ? Thanks Tim ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev
Re: [Repoze-dev] integrating repoze.bfg with OAuth, OpenID, FacebookConnect etc... for authentication
HI Chris Good points raised and could well be an significant requirement. I have not yet used repoze.who and have limited experience with wsgi middleware (Beaker with appengine based memcached session store is it) so I have wondered how you can hook up any ui to the middleware. T On Mon, Jan 25, 2010 at 10:39 PM, Chris McDonough chr...@plope.com wrote: My experience so far with helping people who want lots and lots of control about how a login UI works with r.who has not been stellar; this is the only reason I mention being able to cutnpaste code into a BFG authentication policy. When you use a custom authentication policy, you can still control the horizontal and vertical of login and logout, whereas with r.who, you typically have less control. - C Tim Hoffman wrote: Hi Chris Control was definately one of the concerns. But I am only relying on a potential pool of authentication providers (google, facebook, myspace ) for basic user auth. It is also possible that I may need to run on appengine, so I may take the approach of building repoze.who plugins along the line of the existing AEoid wsgi middleware by Nick Johnson (http://blog.notdot.net/2009/12/OpenID-on-App-Engine-made-easy-with-AEoid) for openid that mirrors much of the existing google app engine user auth api. I am still just collecting ideas for approaches at the moment, trying to see what code is out there that I can leverage off. I also have a requirement for an authorization model that is fairly sophisticated (once I have identified users) with persistent ACL's and some workflow. T On Mon, Jan 25, 2010 at 10:02 PM, Chris McDonough chr...@plope.com wrote: That would be a good reason to use r.who in this case, sure. Of course, if you don't have enough control when you use r.who, you can always take the code internal if you need to by creating a BFG authentication policy based on the code from these plugins. Tim Hoffman wrote: Hi Chris On the face of it then , I will probably do the work as plugins to repoze.who as it seems there are a few repoze.who plugins already in existence for OAuth , openid, facebook connect etc that I can hopefully leverage off. Cheers T On Mon, Jan 25, 2010 at 6:46 PM, Chris McDonough chr...@plope.com wrote: I don't think it makes much of a difference if you need to write it all from scratch anyway. Either would be fine. - C Tim Hoffman wrote: Hi Folks I am looking for some advice. I need to be able to use multiple authentication sources for a new repoze.bfg based app. Do you think I should should use repoze.who etc... or try and hook the various auth directly under bfg's existing authenctication model ? Thanks Tim ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev ___ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev