[Zope-PTK] password policy change interface

Shane Hathaway shane@digicool.com
Thu, 07 Sep 2000 11:16:07 -0400


Bill Anderson wrote:
> The PTK itsself should basically, IMO, call things like 'authenticate_User', 'logout_User', perhaps even 'get_User'.
> Anything that deals with user authentication should no tbe implemented in the PTK. do this and you get conflict and
> confusion (witness the 'Desktop backgroun' control conflict when using Enlightenment and GNOME. Someone has to give).
> (snip)
> Then, a User Management Product would implement the behind the scenes methods to return the required result.
> 
> Ideas? Suggestions, other than checking into the local State Hospital (Looney Bin).

My suggestion is that we simply modify the portal_membership and
portal_registration API's to make all kinds of authentication possible. 
They are closer to what you're suggesting than you realize.  Note that
they do not constitute the complete policy; the final details are
implemented in DTML (and will soon move to TTW Python Methods).  Thus we
don't have to implement all possible policies--we only have to make them
possible.

Please look at interfaces/portal_membership and
interfaces/portal_registration.

Shane