[Zope] Best way to impliment ultralight security / restricted access schemes.

Gary Speer gspeer@cortech.org
Fri, 14 Jun 2002 23:45:46 -0700


Hi - I'm looking for the most expedient way to accomplish the following:
We have a project where we want to implement persistent security (if you
can call it that) by folder but using annonimous or screenname-only
logins.  To put it plainly, if you know the secret password for a folder,
same password for all coming to the folder, you get access to the folder
and all subfolders.  Your access is persistent, session to session, at
least by machine (cookie) or your list of folder accesses is restored when
you login using the same screen name.  Each user may have a different
combination of folder approvals.

I know there are lots of ways to do this with typical html panashe.  I'm
looking for really cool ideas that use the power of Zope to keep this
really simple.  The semi-obvious is to make the first-time-access password
a property of the folder.  Its the remembering you've been there before
and automatically letting you back in that we are after via a database
record (preferred) or a cookie.
All thoughts appreciated.  Thanks,  gary