On Mon, Jul 14, 2008 at 09:50:25AM +0200, Hermann Himmelbauer wrote: > (..) > 1) No way to pass PAU-related information to form-code: In PAU, the > (..)
As I using PAU within Plone and PlonePAS to handle the credential extraction and form stuff, I can't say anything about PAU's capabilities of doing that. However, I wrote it down and will eventually look into it. > 2) Lack of documentation: The entities "Principal, InternalPrincipal, > PrincipalInfo" are very confusing to a newbie, I still don't get the "big > picture". InternalPrincipal is a persistent object used to store the data of principals in a PrincipalFolder, PrincipalInfo is returned upon successfull authentication and handed to FoundPrincipalFactory, which extracts some information and returns Principal objects. > 3) Lack of plugins: No plugin for URL-rewriting, e.g. cookie-less browsers > (retrieving auth-information from URL) etc. I don't know about URL-rewriting, but you should be easily able to write your own credentials plugin to extract whatever you like from a request object. > I personally needed to write an authentication plugin for a SQLAlchemy based > RDB, and was confused a lot of how/why to create Principal / PrincipalInfo > objects: Should I create my own Principal/PrincipalInfo objects in order to > stuff information into them that my application needs? Most probably that could work. > How excactly should I cache user data so that a single browser request does > not lead to multiple RDB queries? And where in the big picture is the "User" > entity? (It's probably the InternalPrincipal object, I assume)... You don't need InternalPrincipal objects, they are specific to PrincipalFolder, IMHO. I think you need: - custom authenticator plugin, that authenticates against RDB and has a dictionary as cache: key = login, value = password; - custom foundprinciplefactory, that generates Principal objects from RDB data, again using a simple key=login,value=Principal dictionary as cache; - eventually a custom credentials plugin, that for your point 3. > (..) > So I would very, very much suggest to dig into PAU first and fix those > shortcomings before porting it to Plone/Zope2. Exactly what I am doing :) Thank you very much for your feedback. florian
pgpanEfbeSGFw.pgp
Description: PGP signature
_______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )