[Zope] GUF: Generic User Folder

Ben Leslie benno@sesgroup.net
Thu, 16 Mar 2000 10:12:08 +1100 

> On Wed, Mar 15, 2000 at 02:23:43PM -0500, Pavlos Christoforou wrote:
> > I have not touched the authentication machinery yet so I must rely on
> > other Zopistas efforts. There is a LoginManager which is part of the PTK.
> > Seems to be well thought out, and it seems to provide a very general and
> > broad solution to the authentication problem, but I have no idea whether
> > or how it works.
> 
> The Login Manager looks good because, unlike GUF and UserDb, it allowed
> me to use the admin/supervisor password to authenticate straight away 
> and so didn't lock me out of the directory.
>
> I actually gave up on GUF because I _couldn't_ get it to let me in in
> the first place to set up my db methods. The password that is supposed
> to be built in didn't work at all, neither did the supervisor one.

I posted a work around for that on this mailing list a couple of days ago.
And yes whilst it is frustrating it is no where near as hard as writing 
an authentication product from scratch (which from experience is difficult).
 
> To me this is the biggest problem with the other existing systems, that
> they lock you out of your site and there is little you can do about it.
> (In UserDb I had to comment out parts of the security code to get it
> to let me in and set it up properly. After it was set up it worked fine
> and I could put the code back.)
> 
> > Another useful add on is for GUF to ship  a complete example of its usage
> > based on standard Zope objects (Folders etc). Maybe as an exported
> > folder that the user can optionally import. 

Last time I used it came with a very simple example already. All you need
to do is add in your logic and you're away. The SQL Howto on the website is
very informative (cheers to whoever wrote that).
 
> All authentication stuff from a database is going to require the
> person to customise their own sql we can't make custom authentication
> methods any easier than that, but in the simplest case this should
> be _all_ they have to do. The supervisor password should _always_ work
> in any authentication method from the beginning and it should be made
> clear that people are going to have to authenticate using that particular
> password until they have the rest of their site set up.
> 
> Anyway, the LoginManager looks very clean. It already doesn't have a
> lot of the old problems and I like the abstraction. Now I just have to
> finish getting DCOracle working (annoying truncated .so files...).

Sorry I think that the GUF is also very clean and quite easy to work with.

I think GUF is great as it is. Thanks a lot to Zen for contributing it.

Cheers,

Benno