[Zope-CMF] change_password doesn't (because MemberData makes invalid assumptions)

Stefan H. Holek stefan at epy.co.at
Thu Aug 14 11:53:45 EDT 2003


Thanks Jens!

Yes, bad example, I admit. I read between the lines that when providing a 
user folder one has to provide membership/data components as well. Can do.

Remains the question, why credentialsChanged() is not allowed to modify the 
user database. Or more specific, if I have a user folder that provdes the 
credentialsChanged() API to make portal_membership think it is a 
LoginManager, is it allowed to change the user database at this point? If 
not, why?

Thanks again,
Stefan


--On Mittwoch, 13. August 2003 18:03 -0400 Jens Vagelpohl <jens at zope.com> 
wrote:

>> Now what? Given that setSecurityProfile() doesn't and
>> credentialsChanged() mustn't, how is one supposed to actually enable a
>> user to change his password when using, say, LDAPUserFolder (short of
>> bypassing the entire machinery)?
>>
>
> That's a bad example. CMFLDAP is a product that already exists for the
> specific purpose of providing membership/member data tools that works
> with the specific APIs on the LDAPUserFolder.
>
> jens


--
The time has come to start talking about whether the emperor is as well
dressed as we are supposed to think he is.               /Pete McBreen/



More information about the Zope-CMF mailing list