[Zope-dev] Proposal: refactoring of zope.app.security

Dan Korostelev nadako at gmail.com
Wed Mar 11 02:00:19 EDT 2009


2009/3/11 Roger Ineichen <dev at projekt01.ch>:
>> Betreff: [Zope-dev] Proposal: refactoring of zope.app.security
>>
>> - Move IAuthentication and other interfaces into new
>> zope.authentication package. Also move there PrincipalSource and the
>> "checkPrincipal" utility function. Also move there the PrincipalTerms
>> class, however that will add dependency on zope.browser (which is
>> really really tiny, as you may know).
>
> Should we move the password "managers" registry and vocabulary
> to zope.authentication too?

No, I think they need to be just moved back into zope.password. The
zope.authentication is expected to be tiny package that contains only
interface definitions and PrincipalSource.

>> - ILogoutSupported flag interface/adapter. Looks like it's only ever
>> used for enabling/disabling the "logout" button in the UI. I'd
>> deprecate it and leave in zope.app.security.
>
> That's an important feature. It could be really hard to nearly
> impossible to find out if an authentication provides logout or not
> without the ILogoutSupport adapter or a similar concept.
>
> We should think about how to replace that pattern if we skip the
> existing one.

Okay then. The interface will be moved into zope.authentication as
well. :-) Thanks for comment  on that.

-- 
WBR, Dan Korostelev


More information about the Zope-Dev mailing list