On Thu, 19 Apr 2007 08:33:16 -0400, Sidnei da Silva
<[EMAIL PROTECTED]> wrote:
On 4/19/07, Wichert Akkerman <[EMAIL PROTECTED]> wrote:
But you can get that even with PAS if you change the challenger in your
site PAS. For example if I configure my site to only allow OpenID logins
you can no longer use the emergency user since no challenger will result
in username&password style credentials.
Correct. In the case of PlonePAS, we are just making the default,
out-of-the-box config be not broken instead of being broken by
default.
looking at this further, there really doesn't seem to be any good way to
allow the root to be a non pas, and allow the plone default authentication
(form based) to work with users in the root, without replacing the root.
the way pas monkey patches the response during traversal, basically
asserts only the inner most user folder gets a chance to challenge.
apologies to the integrators, there really isn't a workaround for this
outside of reworking pas's challenge mechanism or the challenge plugins to
allow delegation up the chain, the means of which isn't apparent to me.
-kapil
_______________________________________________
Zope-PAS mailing list
Zope-PAS@zope.org
http://mail.zope.org/mailman/listinfo/zope-pas
