-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create session cookie so headers are only needed on login page #6
Comments
Problem: with the idea above we can set an Options:
So we might need a few extra options for our plugin, by default false:
I guess all four combinations of yes/no could be valid, depending on your use case. |
Current plan:
Optionally creating simple users on the fly is nice for later. I don't need this for my current client. |
Currently the headers are needed on every page. When the headers are gone, you are no longer logged in. It would be useful if you stay logged in. Then a frontend server (nginx, Apache) only needs to check for example SAML or CAS only for one, or a few, pages.
__ac
cookie by callingself._getPAS().updateCredentials
.updateCredentials
fromplone.session
.enumerateUsers
, although possibly a user with the same id can be found from LDAP or elsewhere.So:
updateCredentials
. I think we would call this fromauthenticateCredentials
.Ah, or we would just call
_setupSession
from plone.session directly.The text was updated successfully, but these errors were encountered: