- Add support for Python 3.4.
- Refactor
zope.pluggableauth.plugins.session.redirectWithComeFrom
into a reusable function. - Fix: allow password containing colon(s) in HTTP basic authentication credentials extraction plug-in, to conform with RFC2617
- Add
tox.ini
andMANIFEST.in
. - Add support for Python 3.3.
- Replace deprecated
zope.component.adapts
usage with equivalentzope.component.adapter
decorator. - Replace deprecated
zope.interface.implements
usage with equivalentzope.interface.implementer
decorator. - Drop support for Python 2.4 and 2.5.
- As the
camefrom
information is most probably used for a redirect, require it to be an absolute URL (see also http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30).
Add a hook to
SessionCredentialsPlugin
(_makeCredentials
) that can be overriden in subclasses to store the credentials in the session differently.For example, you could use
keas.kmi
and encrypt the passwords of the currently logged-in users so they don't appear in plain text in the ZODB.
Move concrete
IAuthenticatorPlugin
implementations fromzope.app.authentication
tozope.pluggableauth.plugins
.As a result, projects that want to use the
IAuthenticator
plugins (previously found inzope.app.authentication
) do not automatically also pull in thezope.app.*
dependencies that are needed to register the ZMI views.
- Fix dependency declaration.
- Add
persistent.Persistent
andzope.container.contained.Contained
as bases forzope.pluggableauth.plugins.session.SessionCredentialsPlugin
, so instances ofzope.app.authentication.session.SessionCredentialsPlugin
won't be changed. (https://mail.zope.org/pipermail/zope-dev/2010-July/040898.html)
- Declare adapter in a new ZCML file : principalfactories.zcml. Avoids duplication errors in
zope.app.authentication
.
- Splitting off from zope.app.authentication