[Zope-PAS] Re: [RFC] Extending CookieAuthHelper

Jens Vagelpohl jens at dataflake.org
Thu Nov 18 11:31:35 EST 2004


> Do we really want to have a plugin call all of its respective peer
> plugins' updateCredentials methods during a challenge?  I've been in
> places like this before, and it usually turns into a bughunt.
>
> The challenge plugins are allowed know the protocol they're used for 
> (is
> there any other protocol than 'http' ?).  Maybe we should also make the
> credentials update plugins also know which protocol they're updating.
>
> The PAS object during a challenge would temporarily store the results 
> of
> all the challenge attempts on a per-protocol basis (maybe somewhere in
> the request).
>
> The challenge plugin would never call updateCredentials method on PAS.
> Instead, we'd provide a getCredentialsForProtocol method on the PAS
> object that returns the data collected for a particular protocol.
>
> Then the IUpdateCredentials plugin could ask PAS for the
>
> creds = pas.getCredentialsForProtocol(self.protocol)
> ... do update ....

I have a feeling we're drifting off into "framework land" here. Isn't 
it better to get something in there that works instead of coming up 
with new alternatives all the time? This thread has been going on for a 
week now and to be honest I find it more and more frustrating trying to 
herd the cats, because there's always at least one running off again...

jens



More information about the Zope-PAS mailing list