Re: [Zope-PAS] Basic auth/challenge problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Jun 12, 2009, at 07:40 , Ian McCracken wrote: Recently upgraded from PAS 1.4 to 1.5.3 (and Zope 2.8.8 to 2.11.2). I'm having a new problem with basic auth; namely, that basic auth information is ignored when using wget. Browsers work fine, ZMI asks for basic auth creds. wget (and lynx, for that matter) doesn't. I don't know what kinds of plugins you're using, but this works perfectly fine for me on Zope 2.11.3 with PAS 1.6.1 when I instantiate the most basic set of plugins possible and activate them. This set of plugins include a Basic Auth Helper, a ZODB User Manager, and a ZODB Role Manager. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAkoyTYkACgkQRAx5nvEhZLIWQQCghpUpsCt2uXgBXWLAz1MerPlr IJ0AoJZbw4qvi6ZiRqGyuYeew3Mu+S4L =NOk8 -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] _verifyUser() broken for anonymous
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 24, 2008, at 18:11 , Paul Winkler wrote: Any thoughts on the fix itself? I've got two branches now, against trunk and against 1.5: .../branches/slinkp-fix-anonymous-performance-branch .../branches/slinkp-fix-anonymous-performance-1.5-branch I can't see any good reason why this can't be merged to the trunk and the 1.5 branch, and no one else has complained. Go ahead, please. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAkjni+YACgkQRAx5nvEhZLKFmACdEa0VxfawzFfSQyh5RtkRCxJ4 m+UAn3O5YEEizQwseHwYodgHiQZHlFHL =Q4/k -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] _verifyUser() broken for anonymous
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 23, 2008, at 20:55 , Paul Winkler wrote: (There does not seem to be a 1.6 branch.) We have informally decided to proceed with a simpler trunk + tags release policy, right now there's no need to add the complication of release branches. If for some reason a branch is really needed it's easy to cut it from the first 1.6 tag. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAkjZSZoACgkQRAx5nvEhZLJexgCgjv5c6eX0hrrKdAwbATJyLfqZ xNEAoJZjGOO26njuD4PUgCF2yyv0nYXW =Uzif -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Problems Upgrading PluggableAuthService
On Jan 30, 2008, at 14:01 , Mark Phillips wrote: I looked at the bug reports and found 2 that relate to this error: http://plone.org/products/remember/issues/44 http://plone.org/products/remember/issues/32 The suggested solution is to upgrade PluggableAuthService to version 1.5.2, which I did. I stopped zope, removed PluggableAuthService v 1.4.2 from the Products directory, installed the new PluggableAuthService v 1.5.2, and restarted zope. However, no one can log in now. The remember members are still alive and well, but entering the use name and password does nothing - no error, no logged event, just return to the login page. What else do I have to do to upgrade PluggableAuthService? There are no additional steps. In a case like this I would start by manually inspecting the user folder instance to make sure the plugin registrations are still correct. It may help to enable the verbose-security setting in zope.conf and remove Unauthorized from the swallowed exceptions in the error_log object in the ZMI, you may get tracebacks that point to the issue then. If that doesn't provide enough clues I would use the Python debugger to step through the login process. jens ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Need old-style PAS 1.5.2.1 release
I have uploaded a new tarball to the same location. jens ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
[Zope-PAS] PAS collector moved to Launchpad
FYI, the old PAS collector has been moved to Launchpad: https://bugs.launchpad.net/zope-pas/ I have set up a team named zope-pas to receive bug requests etc, however, I need everyone who still wants to be a collector supporter to look at the team roster and let me know their Launchpad ID if they're not on the team: https://launchpad.net/~zope-pas/ I found a few of the people who are current supporters, but not all. A redirect is already in place to send people to the right place on Launchpad if they attempt to access the old collector. Please let me know if you see any problems. jens ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PAS 1.5 release plans?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11 Jun 2007, at 15:14, Tres Seaver wrote: Are there plans for a PAS 1.5 release? 1.4 is over 10 months old now and I would like to be able to include something newer in Plone 3. If merging my z3-events branch is a factor in this I don't mind postponing merging that until 1.5 is out. I can do the release at any time, no one asked for it so far. I personally wouldn't mind if the event changes get merged before the release. Any other opinions out there? +1 for a near-term 1.5 release, including the event-based changes. OK, I'll target this coming Sunday (6/17) for a PAS release. Wichert, that's enough time for you to do your merging I assume? I'll also look at some of the collector issues. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFGbVm7RAx5nvEhZLIRAiDXAJ4rUoTePL1IFtZBha21LTxUsU1uxgCcCZa5 6dirIeAJ/rgInmUZ/hs1Kj0= =GWVm -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Using Zope3 events
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11 Jun 2007, at 00:22, Wichert Akkerman wrote: Previously Jens Vagelpohl wrote: On 9 Jun 2007, at 20:28, Wichert Akkerman wrote: I'm not quite happy with the current interfaces; I think it makes more sense to carry an IBasicUser instance in the event instead of the current userid and acl_users attributes. I'd do that if possible. I've done that now. Unless someone objects I'ld like to merge this into trunk. if it's all tested well then no objections from me. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFGbH/YRAx5nvEhZLIRAvnbAJ93PGjwytP5G+2AHR/cKwFjJtuDswCghFP7 9JilOarUZqL4lLYtheep090= =g/As -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: proposal: IUserAdder plugins
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6 May 2007, at 05:12, Miles wrote: -1, we can not change semantics of existing interfaces. I agree with this. Though the restriction is not documented anywhere: I am happy to add some explanatory notes though. It does not need to be documented because that is a generally accepted rune, not something specific to this project. Interfaces should not change out of the blue. If a change must be made there are mechanisms (deprecation warnings, etc) that can be used to tell people about impending changes, and they're usually employed for 2 releases. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFGPfEhRAx5nvEhZLIRAlAgAJ9WQvtbvGYfuJFxyzLU8GIqkKDWWACfVLRk bBXX+KiZJHEF/xndT25xFpE= =Kdtc -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] proposal: IUserAdder plugins
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 5 May 2007, at 17:00, Wichert Akkerman wrote: I think that a better approach would be to use events. I made a branch a while ago which has an event which is fired when a new user is created which solves your use case perfectly. That branch is still missing test for the events though. Someday I need to write those and offer it up for merging. Using events does indeed sound like the best solution, not just for this particular use case. I've been in quite a few situation where contortions were needed because one plugin needed to communicate with another one, which is pretty evil. Events are a good solution to any problem like that. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFGPQkVRAx5nvEhZLIRAu58AJ9Vkd6QKmq8+FYrRpg0UoM555R76wCcD8tX d9kFyZmTaeexH+24uoW1mzU= =k9SE -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] missing method in interfaces
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 4 May 2007, at 05:17, Miles wrote: Hi, The interfaces definition from the plugins directory defines: IRoleAssignerPlugin def doAssignRoleToPrincipal( principal_id, role ): However, it doesn't document any way to remove a role from a principal. Should there be a doRemoveRoleFromPrincipal ( principal_id ) method for this? zodbrolemanager provides a removeRoleFromPrincipal method which does this, and could be wired up in the same way as doAssignRoleToPrincipal is currently. Can I provide a patch to add it into the definition, and to zodbrolemanager? You're very welcome to provide any bug report or patch through the PAS collector: http://www.zope.org/Collectors/PAS/ jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFGOyxJRAx5nvEhZLIRAtcLAJ9Lv/7nO2SpJpsurzS89OyUDYVAYwCdFlqO OhG+IcKdv06ksix2AujjLac= =qlO+ -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] easy way to list all ldap users from script??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 16 Apr 2007, at 13:56, robert rottermann wrote: Hi there, I have installed LDAPUserfolder 2.8beta and LDAPMultiPlugun for Plone 2.5.0 Is there an easy way to list all users from a script. something like we have in the ZMI user tab of the LDAPUserFolder? You'll have to write your own, taking inspiration from the ZMI user tab you already noticed on the LDAPUserFolder. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFGJd1dRAx5nvEhZLIRAu59AJ0fwhFM3HUQhvQmbtQyZbYOcnptBgCgmS5Y ovyzEO9IxwQm5d6O/HrsITU= =tirD -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PluggableAuthService question about roles
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 3 Apr 2007, at 09:18, Wichert Akkerman wrote: How do zope-pas@zope.org and [EMAIL PROTECTED] related to each-other? I've always wondered that. They're one and the same thing :) If they're not, we have a problem. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) iD8DBQFGEhMKRAx5nvEhZLIRArGKAJkB4QqCn6idMaU98P+HDdJdSvElDgCfcAL7 cpW6gu+S96/PRPTw6UwXiNc= =GwHl -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
[Zope-PAS] Re: [Checkins] SVN: PluggableAuthService/trunk/plugins/tests/test_exportimport.py Made tests pass with GenericSetup trunk.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stefan, you just created a dependency on the CMF in the PluggableAuthService, which has nothing to do with the CMF. There has to be a better solution, otherwise the checkin must be reverted. jens On 25 Mar 2007, at 17:09, Stefan H. Holek wrote: Log message for revision 73609: Made tests pass with GenericSetup trunk. Changed: U PluggableAuthService/trunk/plugins/tests/test_exportimport.py -=- Modified: PluggableAuthService/trunk/plugins/tests/ test_exportimport.py === --- PluggableAuthService/trunk/plugins/tests/test_exportimport.py 2007-03-25 14:38:56 UTC (rev 73608) +++ PluggableAuthService/trunk/plugins/tests/test_exportimport.py 2007-03-25 15:09:38 UTC (rev 73609) @@ -34,7 +34,11 @@ from Products.GenericSetup.tests.conformance \ import ConformsToIFilesystemImporter -from Products.GenericSetup.tests.common import SecurityRequestTest +try: +from Products.GenericSetup.tests.common import SecurityRequestTest +except ImportError: +from Products.CMFCore.tests.base.testcase import SecurityRequestTest + from Products.GenericSetup.tests.common import DOMComparator from Products.GenericSetup.tests.common import DummyExportContext from Products.GenericSetup.tests.common import DummyImportContext ___ Checkins mailing list [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/checkins -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) iD8DBQFGBp/XRAx5nvEhZLIRAsdAAJsF55hb5aM7GwLp2uTc0LthcbKohQCgtdxj GCY4X5XDPcu4HsHun7e3G9o= =eR4B -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Failing to fill users properties, should it cause an error?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2 Feb 2007, at 19:45, Sidnei da Silva wrote: Now, some might argue that this is an application-specific policy. The fact is that there's no obvious way currently of 'vetoing' a login based on the lack of certain user properties (like the email example above). I would like to change PAS so this is possible to do. Any objections? Instead of adding yet another plugin type (I think there are too many as it is), shouldn't this be handled by an overridden plugin of one of the standard types, like maybe an overridden properties plugin? I think this is a very narrowly focused functionality that only very few users may ever need. Providing a more specialized standard plugin for a specific customer with that need is what I would do instead. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) iD8DBQFFw4wXRAx5nvEhZLIRApayAJ9v1QNwXjN8hYPjCKNdwpZrrkiQtwCfcpjK KEU1mXyeegxtL2JEiGL5P+k= =YjOU -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] PluggableAuthService colon-in-cookie bug
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 27 Nov 2006, at 18:00, Daniel Doerr wrote: Hey guys, recently I discovered a bug (or a feature???!!) in the way credentials are stored in cookies with PluggableAuthService. Daniel, please file this as a bug report in the PAS collector: http://www.zope.org/Collectors/PAS Mailing lists are a bad place to send bug reports, they will simply get lost and be forgotten. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) iD8DBQFFbqOaRAx5nvEhZLIRAhyoAJ90b8UkjrRQ3jNVpukgDKTYkQZWKwCfWoHk q4c2EaG+lzuDKF/8oxfoWRU= =cGFZ -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] all_meta_types filter
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 3 Oct 2006, at 05:40, Wichert Akkerman wrote: I am updating my OpenId authentication plugin to be a standard python package instead of a Zope product and am hitting a problem with PluggableAuthService.all_meta_types: it filters the registered types on a list of meta_types in the Products package. Since my package lives in plone.openid that effectively removes it. Is there any reason to do that filtering? Since the meta_types are registered at runtime we already know that the package is present. What we get from the plugin registration isn't the structure expected as a return value from all_meta_types. The plugin registration only gives us a sequence of meta_type strings. So in effect we are not filtering, we're simply converting to a suitable data structure that is found in Products.meta_types, and those are then returned. I haven't worked with products that are standard Python packages, but even if you cannot find them in Products.meta_types (why not I wonder? Is this a bug in the mechanism that enables Python package products?) I am assuming there has to be some place where you could look up their product information programmatically. all_meta_types could be extended to look in more than one place for this product information. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFFIlR3RAx5nvEhZLIRAtnPAKCKnCSMJx9bqODCSsNGiYuMtFNoBQCgpOm2 Cuy5s+cls/hhYlzJQpwmUFY= =sIOk -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] adding an image type to the set of known property types
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 30 Sep 2006, at 02:00, Rob Miller wrote: hi, i'm working on implementing the Plone member data as user properties, but have hit a snag b/c PAS doesn't recognize images as a possible property type. in the short term, does anyone object (with an alternate proposal, ideally) to the following patch: I don't see a reason not to integrate that patch. Gotta love double negatives, even I have to think twice about what it is I am saying ;) jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFFHnZ9RAx5nvEhZLIRApgYAKCqkPSLauDTT3tLqA/SAEZn7oNLHgCgoDi4 obY2ruP4K3vrI9d344pEh/w= =fsIc -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] plonePAS and JAX-WS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 25 Aug 2006, at 05:47, Serge Zagorac wrote: Hi All Is there any way or example how to configure plonePAS to consume a web service (in my case JAX-WS via SOAP ) in order to get user details? This won't be a configuration issue, it will be a coding issue. You don't mention specifically what consume a web service means, but you might be able to put together a Scriptable Multiplugin or write your own filesystem-based plugin to do the job. However, there is one big caveat. Making HTTP calls (or almost any other network request) out of Zope code during the execution of a web request is risky. The executing thread will wait until the external request has been answered, and if for whatever reason no answer is received it will hang forever. There are four threads available in a normal Zope configuration, the fourth time this happens your website will be unavailable and Zope must be restarted. A lot of care needs to be taken to ensure there are sensible timeouts on these external calls to prevent hangs. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFE7sWDRAx5nvEhZLIRAlG6AJ9sSjNcg2aeMpAkFjVEFyX/ACoTEACfRTh+ fJ8VKl3cXDKf7L+o0xCcqBs= =LwGy -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Plone Group assignment to LDAP group
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 17 Aug 2006, at 10:36, Stephen Kenworthy wrote: Hi all, I've been trying out the Plone 2.5, Zope 2.8.7 release for the first time and looking to migrate our intranet which is currently Plone 2.1. I love the new pas system but am still getting to grips with it. Can anyone offer any advice on the following... Can I assign LDAP *groups* to Zope *groups*? and if so, how? Currently, no. The LDAPMultiPlugin does not perform any mapping. You get the same group names that are stored in LDAP. Mapping of names is only available for roles, and it is set up at the LDAPUserFolder level. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFE5aWrRAx5nvEhZLIRAsZlAJ9xQniaz7QzQ3rCorWGmC4cFWgZWQCdHAvb 5ryy8K0TtTwcr1cWsY2PjBQ= =5CZX -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
[Zope-PAS] PAS Caching (sucks)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Even though I am the perpetrator, I think the current way of caching, using ZCacheable and RAM cache managers, is absolutely horrific. It's cumbersome to set up and the ZCacheable API is ugly as sin using it from code. I think simplification is needed. I personally don't see any need to have caching in plugins themselves. Instead, caching should be applied at the gateway into the user folder, where it emits user objects. These user objects should be cached as a whole. I am envisioning a thread-independent cache (meaning no redundant lookups in each thread) that is configured using a caching ZMI tab on the PAS instance. No more Cache tab everywhere and no more RAM cache managers to configure. And no more contortions in plugin code to utilize ZCacheable. This model is the exact same model used in the LDAPUserFolder itself. The caching mechanism in the LDAPUserFolder contains two thread- independent bags where unwrapped users are stored: One exclusively for user objects generated from passwordless lookups, such as calls to getUser or getUserById and friends, and those generated by lookups that provide passwords. In this particular application having two user caches is simply an artifact of my slight abuse of getUser, so it might end up different in PAS. Who's got an opinion? jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFEy3CIRAx5nvEhZLIRArwVAJ9V4hJ6dR4B7CE7p7E/v56oaolL+QCfX3OQ yJmjbx2cNCSp2KFBEMTveLo= =meix -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] documentation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 30 May 2006, at 08:56, Nicolas Rod wrote: So my question: is there documentation anywhere with guidelines to develop a PAS Plugin ? For instance, I'd like to know the order in which the interface methods are called, where do the parameters come from, which ones are passed to other methods when a method returns something, etc. Any chance to find this somewhere ? I'm afraid the plugins and interface files shipped with PAS *are* the documentation at this time. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFEfA5IRAx5nvEhZLIRAp/kAKCp+nE//Z8u/46VsZJbVg4V859EkACggaI8 5L5qwxo6MnoD96jGo8BPqB8= =ckRT -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] PlonePAS session auth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 9 May 2006, at 10:44, Emyr Thomas wrote: Is there a way to use session auth instead of cookie auth with PlonePAS as I'd prefer not to use cookie auth for security reasons. I notice PluggableAuthService has a Session Auth Helper plugin - any advice on getting this to work with Plone? With a standard PluggableAuthService (I am assuming/hoping PlonePAS behaves in the same way, but don't really know) you can follow the description here: http://mail.zope.org/pipermail/zope-pas/2004-November/000220.html You can disregard the text underneath Problem:, that has now been solved. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFEYGs8RAx5nvEhZLIRAlYbAJ9xOP4FZwCeFbtJjarW9DYJqNdHQwCfSbvo WogXEKtV+G+kEE3F6XywiHQ= =29ba -END PGP SIGNATURE- ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] project questions
On 1 Mar 2006, at 21:50, Tino Wildenhain wrote: Jens Vagelpohl schrieb: Zac has asked to step back a bit as the contact for the project and I told him I could take over that part. That includes things like release stewardship. One of the items that had been on my list for a while was to move both the download area as well as the collector out of Zac's member folder on zope.org into the well-known areas, underneath / Collectors and /Products, respectively. +1 on that. This eases development a lot. PAS, PluginRegistry and the PAS collector have now moved: http://www.zope.org/Products/PluggableAuthService http://www.zope.org/Products/PluginRegistry http://www.zope.org/Collectors/PAS I continue to be foiled by %$£@ zope.org in that many items are private after pasting. I have repaired the worst of of, but catalog searches are still not revealing anything useful for PluggableAuthService. I am hoping this is a caching issue. jens ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] PAS and PluginRegistry releases
On 23 Feb 2006, at 08:29, Wichert Akkerman wrote: Hi, Starting from 2.5 Plone will use PAS, and Plone 2.5-alpha2 is about to hit the streets. For a release we would like to use released versions of all products used, which includes PluggableAuthService and PluginRegistry. The latest PAS release (1.1b2) does not include the later interface work which is in svn; would it be possible to get a release which includes that? PluginRegistry version 1.0.2 seems to be tagged in subversion, but the latest downloaded release is still 1.0. Would it be possible to get 1.0.2 up on www.zope.org so we can use that as well? I could create releases this weekend if no one objects jens ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] Re: PAS and PluginRegistry releases
On 23 Feb 2006, at 12:16, Tres Seaver wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wichert Akkerman wrote: Hi, Starting from 2.5 Plone will use PAS, and Plone 2.5-alpha2 is about to hit the streets. For a release we would like to use released versions of all products used, which includes PluggableAuthService and PluginRegistry. snip We could probably cut a 1.2 beta from the trunk right away. We might also need to look at: http://www.zope.org/Members/urbanape/PluggableAuthService/Collector/ Wichert, can you quantify about to hit the streets? I would assume for a Plone alpha a PAS beta is perfectly fine, and that could be cut right away. For the Plone 2.5 final a PAS final release would be appropriate, and that gives us time to work the collector a bit. jens ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas
Re: [Zope-PAS] role management
On 19 Jan 2006, at 22:55, Wichert Akkerman wrote: Currently adding roles through a RoleManager breaks ZODBRoleManager: it reads a list of all roles when it created and assumes they do not change after that. If you add a new role you can do that through a RoleManager directly, but ZODBRoleManager will not notice and will not enumerate it. Can someone enlighten me as to how roles and local roles really differ, and why every folder has both? Roles are global. User objects get them assigned upon creation. Local roles are only used within the context they are defined in. So if user A has role Member after authenticating at the root in / acl_users, and he has a local role Manager in /members/A, then security validation will recognize him as Member and Manager for all items accessed in or underneath /members/A, but only as Member everywhere else. If ZODBRoleManager does not see global roles added after its instantiation then that's a bug. jens ___ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas