[Zope-PAS] Challengers (and Zope 3)
jim at zope.com
Wed Sep 29 15:39:53 EDT 2004
I'm working on PAS for Zope 3. I hope to be able to post a proposal
by way of a README.txt and interfaces file soon.
I've just tried to catch up on the long threads on challenges and
thought it would be a good idea to put my 2 cents in.
I think Mark raises some important points. It often is
appropriate to issue multiple challenges. This is especially
appropriate for HTTP-based challenges.
Let me see if I can state this correctly and clearly. For
lack of a better term, I'll say that there can be multiple
protocols for making challenges. Examples of protocols include
HTTP Authentication and Cookie-based authentication. There
are undoubtably other protocols, although I don't know of
any off hand. ;) Generally, protocols are not compatible with
each other. (This is hard to say for sure, but for the protocols
we have, this is the case. :). Therefore, we don't want to issue
challenges for multiple protocols.
Before I go any further, does this sound right? Is the statement above
sensible and correct?
Can people think of any other *real* protocols?
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Zope-PAS