close Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Changes between Version 8 and Version 9 of AuthFramework


Ignore:
Timestamp:
Aug 7, 2008, 10:11:19 PM (13 years ago)
Author:
cmlenz
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • AuthFramework

    v8 v9  
    6262=== HTTP Authentication ===
    6363
     64With HTTP (or “external”) authentication, the actual checking of a users credentials is performed outside of the application code, probably by employing some authentication module at the web server level. In this kind of setup, Diva only reads the result of the authentication process from the `REMOTE_USER` variable.
     65
    6466=== Form-based Authentication ===
    6567
    66 === Hybrid HTTP/Cookies-based Authentication ===
     68With form-based login, the application provides an HTML form that allows the user to enter some kind of identifier and a password. When the form is submitted with valid credentials, a cookie is created that allows the framework to identify the user on subsequent requests.
     69
     70The framework provides a default form (see FormProcessing), a template, and request handlers for logging in and out. Any of these defaults can be customized or replaced by the application.
     71
     72=== Hybrid HTTP/Cookie-based Authentication ===
    6773
    6874This mode allows the use of HTTP authentication without having to protect the entire URL namespace. Only one or more sub-resources (such as `/login`) are protected by HTTP authentication. When the user visits a protected URL, Diva sets a cookie (in the same manner as with form-based authentication), thereby enabling resources outside of the protected area to identify the user and apply her permissions.
     
    108114=== Password Management Utilities ===
    109115
     116== API Documentation ==
     117
     118[[PythonDoc(branches/experimental/auth-framework, diva.auth)]]