[Twisted-Python] Is it necessary to utilize twisted.cred in twisted web?

biziap biziap fetbiz at gmail.com
Tue Oct 6 00:08:10 EDT 2009


I have googled this topic and found and example in
(A) http://www.mail-archive.com/twisted-web@twistedmatrix.com/msg01796.html
well, another simpler example is
(B) http://www.mail-archive.com/twisted-web@twistedmatrix.com/msg01788.html

My questions are:
1. Does the approach in (A) be recommended? To generate resource
dynamically seems not efficient and not necessary for simple scenario.
Is there other way to bind twisted.cred and twisted.web together?
(except the  deprecated twisted.web.guard)

2. The approach in (B) which suggests that request.getSession() along
is quite enough to implement an simple authentication feature. Here
the "simple scenario" means to guard some resource with username and
password.
To do it: In a protected resource, just to check for a flag in the
session, if failure, then redirect to login page. If succeeded, render
the resource. Why shall we bother the portal, credentials,
checker,.... ?

Any suggestion? Thanks in advance.



More information about the Twisted-Python mailing list