AW: [Zope3-Users] efficiency of PAU authentication
Stephan Richter
srichter at cosmos.phy.tufts.edu
Thu May 15 22:47:22 EDT 2008
On Tuesday 29 April 2008, nixon wrote:
> in app.publication.zopepublication.py there are 2 methods.
> Maybe they are invoked in different scenarios, I am not sure.
> But at least one PAU auth for each request.
>
> def callTraversalHooks(self, request, ob):
> # Call __before_publishing_traverse__ hooks
> notify(BeforeTraverseEvent(ob, request))
> # This is also a handy place to try and authenticate.
> self._maybePlacefullyAuthenticate(request, ob)
>
> def afterTraversal(self, request, ob):
> #recordMetaData(object, request)
> self._maybePlacefullyAuthenticate(request, ob)
callTraverslHooks is called after any new object has been traversed in the
traversal process. See zope.publisher.base.BaseRequest.traverse.
afterTraversal is called in zope.publisher.publish.publish after all
traversal is done. So yes, you would see multiple attempts to authenticate.
Zope cannot guess that you end up at the same place.
As Roger suggestedm some caching might be good, if the credentials
verification is expensive.
Regards,
Stephan
--
Stephan Richter
Web Software Design, Development and Training
Google me. "Zope Stephan Richter"
More information about the Zope3-users
mailing list