[Zope3-dev] HEADS UP: PAU (pluggable authentication) users
Garrett Smith
garrett at mojave-corp.com
Wed Mar 30 00:11:16 EST 2005
Jim Fulton wrote:
> Garrett Smith wrote:
>> I wonder if it's really a problem if we never upgrade to
>> IAuthentication2 unless a particular API is needed. It might
>> actually be less confusing to not have '2' showing up everywhere.
>> Only people who care need to deal with it.
>
> The problem is that code that wants IAuthentication2 will need to be
> careful. If it asked for an IAuthentication utility and an
> IAuthentication2 utility, it might get a different answer. There
> could, theoretically, be a closer IAuthentication. Such code wold
> probably be better off doing something like:
>
> auth = component.getUtility(IAuthentication)
> auth = IAuthentication2(auth)
>
> at which point, we might as well have a ILogout interface that we
> adapt to.
This seems like a lot of pressure to get interfaces absolutely correct
before releasing them. There's no decent evolution scheme.
It would be nice to just modify IAuthentication and then deal with
broken implementations in some elegant way. We'd be saying, "the
contract's changed, but we'll let you get away with the breakage for two
release cycles" which is really what's going on.
In Java, most interfaces have some abstract class that buffers the user
from changes to the interface. While that's certainly not what we want,
it'd be nice to capture the spirit of that pattern. I don't know what
this would look like in Zope 3 though.
-- Garrett
More information about the Zope3-dev
mailing list