[Grok-dev] User/Group/Security Management Pain
luciano at ramalho.org
Tue May 13 14:11:40 EDT 2008
On Tue, May 13, 2008 at 1:57 PM, whit morriss <d.w.morriss at gmail.com> wrote:
> A good start would be to gather what documentation and code is available
> out there and see what can be used and where the holes are. For my effort, I
> cobbled stuff together from philips book and zope's innards (w/ some help
> from the channel).
> Most of the effort is in account.py and auth.py (and it's a bit messy and
> the cookie auth is not signed yet), but it covers a basic signup/login case
> minus groups and role/permission mechanics (this part I'm trying to work out
> now and wish I had some good examples). feedback welcome of course...
> I'm sure others have code too no?
Earlier this year I developed two demo apps, LoginDemo and
PlainLoginDemo to explore how to setup the simplest possible
authentication/authorization functionality. Both are in the Zope SVN:
My conclusion at the time was that we have a long way to go before
even the simplest app requiring user logins can be called "easy" to do
There was some conversation in this list about the sample apps at the
time (jan/2008) which you may want to look up.
I am glad more people are concerned and willing to do something about this.
More information about the Grok-dev