[Zope] SimpleUserFolder and sha-crypted passwd

[Chris Withers]

Jan-Frode Myklebust wrote:
> 
> We've allowed sha into Zope with ""allow_module('sha')"".

Where did you put that?

> I must say I'm _very_ impressed with how well it's performing without
> any caching. I was concerned that either the password hashing or sql
> queries on our 1500 user postgresdatabase would create too high load on the 
> server, but it really isn't noticeable. 

ZSQL Methods do caching, perhaps you're benefitting from that :-)

> Actually the authenticated timings are a bit less stabel than
> unauthenticated. Goes from 0.05 seconds to ~0.10. 

That would make sense :-)

> Maybe we'll try to add sql caching later, but with this speed it
> doesn't seem worth the effort.

*grinz* IIRC, You're using a python script for one of your methods, if so, have 
a look at the standard Zope cache managers if you run into speed problems.

> SUF sounded too much like a small simple hack to demonstrate that
> somebody knows how to hack zope. But it's really very powerfull!

Thanks, my philosophy with software is to keep things very simple, generalised 
and powerful, rather than trying to cover all bases and fail.

> think something like SUF should be the default userfolder in Zope
> (with some default addUser, deleteUser, getUserDetails, etc.)

Probably the best place to suggest it would be zope3-dev@zope.org, although if 
you write a proposal on dev.zope.org and get it all approved, I'd be happy to do 
the development work for Zope 2.7...

> gives exactly the same behaviour as the current User Folder. It's
> annoying that there are too many different UFs too choose from, and
> not all end up being actively maintained.. 

Indeed. Hence why I wrote SUF, it shouldn't need any maintenence because it does 
so little.

> So, thank you for SUF! 

No probs :-)

cheers,

Chris