[Zope-dev] struggeling with a sessionbased LoginMethod

Chris McDonough chrism@zope.com
Wed, 7 Nov 2001 10:06:41 -0500


This is cool.  I wish I'd had the chance to review it so far so I
might be able to roll some of the changes into CST.  Sorry Joseph.
:-(

----- Original Message -----
From: "Joseph Wayne Norton" <norton@alum.mit.edu>
To: "Joachim Schmitz" <js@aixtraware.de>
Cc: <zope-dev@zope.org>
Sent: Wednesday, November 07, 2001 9:41 AM
Subject: Re: [Zope-dev] struggeling with a sessionbased LoginMethod


>
> Joachim -
>
> I can't help you with LoginManager, but I did build a customized
> version of the acl_users folder that is tightly integrated with core
> session tracking.  You might want to consider using it or simply to
> duplicate the same behavior.  Please see the e-mail below.
>
> regards,
>
> - joe n
>
> At Mon, 29 Oct 2001 15:35:03 +0900,
> norton  wrote:
> >
> >
> > I have updated the tarball for CoreSessionUserFolder product
(version
> > 0.0.3) on the zope.org website.  You can access the tarball from
my
> > home page at:
> >
> >         http://www.zope.org/Members/natsukashi/index.html
> >
> > I have changed the implementation slightly and refined the usage
> > model.  The basic idea is that an anonymous session object is
> > automatically converted into a zope user object given some trigger
> > criteria.  After conversion to a zope user object, the anonymous
web
> > user is granted access via zope's security machinery to some
protected
> > resource (like index_html). The session user/object will then be
> > automatically deleted unless the session's life is extended by
another
> > trigger criteria.  By using CookieCrumbler in conjunction with
> > CoreSessionUserFolder, all of the login/logout mechanisms are
nicely
> > hidden from the anonymous user.
> >
> > I have also included a small demo *.zexp (install/README.txt) that
can
> > be used out-of-the-box once all of the necessary patches
> > (patches.README.txt) have been applied.  It requires zope 2.4.*,
CST
> > 0.0.9, and the cookie crumbler product.
> >
> > I have labeled it a prototype simply because it has not been
reviewed
> > yet outside of our organization.  Unless there are any troubles,
this
> > product will be in production usage tomorrow.  You can access the
> > website (a fortune telling site) given the following url:
> >
> >   http://www.unkei.com/unkei/menu.html
> >
> > A CoreSessionUserFolder backs each of the content menus and
implements
> > a pay-per-view service where a credit card purchase acts as the
> > session extending trigger.  Unfortunately, the content is only in
> > Japanese and a payment using a major credit card is required to
view
> > the content.
> >
> > Obviously, any feedback good or bad are appreciated.
> >
> > - joe n.
> >
>
> _______________________________________________
> Zope-Dev maillist  -  Zope-Dev@zope.org
> http://lists.zope.org/mailman/listinfo/zope-dev
> **  No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope )
>