[Grok-dev] Re: Grokwiki Security in Eggified Grok

Philipp von Weitershausen philipp at weitershausen.de
Mon Aug 20 05:57:45 EDT 2007

Uli Fouquet wrote:
> By default the PAU added by the admin-UI parses site.zcml to grab the
> administrator users' name, password and roles.

I don't like this approach at all. I think the PAU that you install 
should be able to fall back to the global IAuthentication utility (which 
happens to be filled by the statements in site.zcml). There should be no 
need for a local one-off copy of whatever is specified in site.zcml. As 
we've seen, this leads to a lot of confusion.

It may be necessary to write a new authenticator plug-in that 
specifically authenticates against the global principal registry. This 
should be trivial, though.

In addition to that, having user management for the installed PAU would 
be very nice indeed!

http://worldcookery.com -- Professional Zope documentation and training

More information about the Grok-dev mailing list