[Zope3-Users] Authentication, Principals and PAU...

luis lparrab at gmx.net
Mon Feb 13 18:17:58 EST 2006


hi all,

I'm trying to get started with zope3, and while I think I'm beginning to
understand parts of it, I'm still having a hard time with other parts, so I
hope someone here can help me out a bit.

my first questions are concerning authentication/ users / pau...

as a learning-excercise i want to create an example app, where users can
register themselves, login and upload files.

I added one PAU to my site which uses session credentials and a
principalfolder.. so now I can create users in that folder and can log into
the system. that works, but when I tried to add additional information
(mail, etc) using the principal annotation utility, it just doesnt work...

I created the interface and class to store the data, and tried to register
them with a zmcl adapter and browser:editform
for="zope.security.interfaces.IPrincipal", but nothing happened... so far
I've been able to trace it down, the objects in the principalfolder do not
implement IPrincipal, but only IInternalPrincipal, so my "mapping" in zcml
is not active for my users.

to be honest, the difference between principals, internalprincipals and
principalinfos is not that clear to me.

I then downloaded schooltool to have a look how they implemented users
there, and they don't use the pau at all, but created an own authentication
utility. and they don't use the principal annotation util either, but store
the person details as annotations on the objects themsleves..

...so...is this the recomented way of doing things? is the pau only meant to
be an example auth-utility and applications are supposed to implement their
own auth. mechanism? or maybe use the pau as a basic framework, but
implement your own "principalfolder" as a pau-plugin?

something else i noticed, is that in the pau the principalfolder lives
"inside" the pau itself (the pau acts as a container) in software space
(++etc++site), while in schooltool the users live in the "persons" folder
in content space.
is there a difference between software and content space for this?,
specially in regard to users being able to register on their own,
user-search or something else that can only be done in content-space but
not in software/configuration-space or viceversa?

thanks.

cheers. luis



 



More information about the Zope3-users mailing list