close Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Changes between Version 4 and Version 5 of AuthFramework


Ignore:
Timestamp:
Aug 6, 2008, 5:35:13 PM (13 years ago)
Author:
cmlenz
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • AuthFramework

    v4 v5  
    2323 * Built-in processes and UI for user registration, activation, password resetting, and other high-level features.
    2424
    25 == Application Mixin Approach ==
     25== High-Level Architecture Stuff ==
     26
     27=== Application Mixin Approach ===
    2628
    2729The current branch defines an `AuthMixIn` class that auth-enabled applications are supposed to subclass. It adds a couple of method stubs to the `Application` class, and contributes a [wiki:RequestFilters request filter] that performs authentication.
    2830
    29 == Filters Refactoring ==
     31=== Filters Refactoring ===
    3032
    3133Due to the way application mix-in classes can contribute filters, ordering request filters explicitly becomes too painful. The branch enhances the way request filters are defined by allowing them to declare the abstract service they provide (such as "localization" or "error-handling"), and also declare what services they rely on to do their job. For example:
     
    3941
    4042The ordering of request filters is then inferred from this dependency information.
     43
     44== Authentication Methods ==
     45
     46=== HTTP Authentication ===
     47
     48=== Form-based Authentication ===
     49
     50=== Hybrid HTTP/Cookies-based Authentication ===
     51
     52This mode allows the use of HTTP authentication without having to protect the entire URL namespace. Only one or sub-resources (such as `/login`) are protected by HTTP authentication. When the user visits a protected URL, Diva sets a cookie (in the same way manner as used by form-based authentication), and pages outside of the protected area are able to identify the user and apply her permissions.