[Zope-PAS] [RFC] Extending CookieAuthHelper

Chris Withers chris at simplistix.co.uk
Tue Nov 23 10:47:33 EST 2004

Chris McDonough wrote:
> I'm -0 on this idea.  It seems to make sense for each to be as simple as
> possible so someone approaching each for the first time needn't mentally
> parse out the half of the thing that he doesn't need.  Fewer knobs
> spread across more plugins is more desirable to me, don't know what
> other people think.

I totally agree :-)

> Mostly unrelated, but I think PAS itself should sprout a
> "resetCredentials" method that can be called by app code that turns
> around and calls all of its consituent plugins' resetCredentials
> methods.  It's too hard to "log someone out" in a general way right
> now.  

This too...

> This is hampered by the fact that the http basic auth plugin
> immediately raises unauthorized in its resetCredentials implementation;
> it maybe should just set a 401 status and lock it instead.

...and this :-)

Maybe I should just change my name to Chris... oh wait *grinz*


Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk

More information about the Zope-PAS mailing list