Typically, web servers provide access logs that include a label
for the authenticated user.
Often, WSGI applications (or middleware) provide their own user
authentication facilities. Well, Zope does. :)
There doesn't seem to be a standard way for WSGI applications or
middleware to communicate th
At 11:22 AM 1/22/2006 -0500, Jim Fulton wrote:
>Typically, web servers provide access logs that include a label
>for the authenticated user.
>
>Often, WSGI applications (or middleware) provide their own user
>authentication facilities. Well, Zope does. :)
>
>There doesn't seem to be a standard way
Phillip J. Eby wrote:
> At 11:22 AM 1/22/2006 -0500, Jim Fulton wrote:
>
>> Typically, web servers provide access logs that include a label
>> for the authenticated user.
>>
>> Often, WSGI applications (or middleware) provide their own user
>> authentication facilities. Well, Zope does. :)
>>
>>
Who is working on deployment tools for WSGI? I'm aware of Paste Deploy.
Are there any other efforts underway?
Jim
--
Jim Fulton mailto:[EMAIL PROTECTED] Python Powered!
CTO (540) 361-1714http://www.python.org
Zope Corporation http://www.zope.com
[Jim Fulton]
>>>Is Zope the only WSGI application that performs authentication
>>>itself?
[Phillip J. Eby]
>>I think Zope is the only WSGI application that cares about
>> communicating this information back to the web server's logs. :)
[Jim Fulton]
> I hope that's not true. Certainly, if a
At 05:45 PM 1/22/2006 +, Alan Kennedy wrote:
>I agree about not sending this information back to the user: it's
>unnecessary and potentially dangerous.
Yep, it would be really dangerous to let me know who I just logged in to an
application as. I might find out who I really am! ;)
__
Phillip J. Eby wrote:
> At 05:45 PM 1/22/2006 +, Alan Kennedy wrote:
>
>>I agree about not sending this information back to the user: it's
>>unnecessary and potentially dangerous.
>
>
> Yep, it would be really dangerous to let me know who I just logged in to an
> application as. I might fi
[Alan Kennedy]
>> I agree about not sending this information back to the user: it's
>> unnecessary and potentially dangerous.
[Phillip J. Eby]
> Yep, it would be really dangerous to let me know who I just logged in to
> an application as. I might find out who I really am! ;)
Very droll ;-)
Wha
Jim Fulton wrote:
> Typically, web servers provide access logs that include a label
> for the authenticated user.
>
> Often, WSGI applications (or middleware) provide their own user
> authentication facilities. Well, Zope does. :)
>
> There doesn't seem to be a standard way for WSGI applications
Ian Bicking wrote:
> Jim Fulton wrote:
>
>> Typically, web servers provide access logs that include a label
>> for the authenticated user.
>>
>> Often, WSGI applications (or middleware) provide their own user
>> authentication facilities. Well, Zope does. :)
>>
>> There doesn't seem to be a stand
10 matches
Mail list logo
