close Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Changes between Initial Version and Version 1 of AuthFramework


Ignore:
Timestamp:
Aug 4, 2008, 4:48:41 PM (14 years ago)
Author:
cmlenz
Comment:

Some info on the auth branch

Legend:

Unmodified
Added
Removed
Modified
  • AuthFramework

    v1 v1  
     1= Framework for Authentication and Authorization =
     2
     3This page describes an [source:branches/experimental/auth-framework experimental branch] that adds a simple generic auth framework to Diva.
     4
     5The main goals of this framework are:
     6
     7 * Enable relatively easy switching between HTTP authentication (such as `Basic` or `Digest` authentication performed by the web server) and form-based authentication.
     8 * Provide convenience functions for checking authorization to perform certain actions.
     9 * No reliance on a specific backend storage for user profiles and credentials.
     10 * No restriction to a specific method of controlling access to resources (such as ACLs). Applications can use whatever access control granularity they need.
     11 * Storage-independent generation and verification of authentication cookies for form-based login.
     12
     13Possible/peripheral goals:
     14
     15 * WSGI middleware for using `Basic` and `Digest` authentication, primarily in the context of the DevelopmentServer
     16
     17Non-goals include:
     18
     19 * Built-in processes and UI for user registration, activation, password resetting, and other high-level features.