Metadata-Version: 1.0
Name: zope.password
Version: 3.5.1
Summary: Password encoding and checking utilities
Home-page: http://pypi.python.org/pypi/zope.password
Author: Zope Corporation and Contributors
Author-email: zope-dev@zope.org
License: ZPL 2.1
Description: ================
        Password Manager
        ================
        
        This package provides a password manager mechanism. Password manager is an
        utility object that can encode and check encoded passwords. Beyond the generic
        interface, this package also provides four implementations:
        
        * PlainTextPasswordManager - the most simple and the less secure one. It does
        not do any password encoding and simply checks password by string equality.
        It's useful in tests or as a base class for more secure implementations.
        
        * MD5PasswordManager - a password manager that uses MD5 algorithm to encode
        passwords. It adds salt to the encoded password, but the salt is not used
        for encoding the password itself, so the use of salt in it is purely
        cosmetical. It's generally weak against dictionary attacks.
        
        * SHA1PasswordManager - a password manager that uses SHA1 algorithm to encode
        passwords. It has the same salt weakness as the MD5PasswordManager.
        
        * SSHAPasswordManager - the most secure password manager that is strong against
        dictionary attacks. It's basically SHA1-encoding password manager which also
        incorporates a salt into the password when encoding it. This password manager
        is compatible with passwords used in LDAP databases.
        
        It is strongly recommended to use SSHAPasswordManager, as it's the most secure.
        
        
        Usage
        -----
        
        It's very easy to use password managers. The ``zope.password.interfaces.IPasswordManager``
        interface defines only two methods::
        
        def encodePassword(password):
        """Return encoded data for the given password"""
        
        def checkPassword(encoded_password, password):
        """Return whether the given encoded data coincide with the given password"""
        
        The implementations mentioned above are in the ``zope.password.password`` module.
        
        
        Password Manager Names Vocabulary
        ---------------------------------
        
        The ``zope.password.vocabulary`` module provides a vocabulary of registered
        password manager utility names. It is typically registered as an
        `IVocabularyFactory` utility named "Password Manager Names".
        
        It's intended to be used with ``zope.component`` and ``zope.schema``, so
        you need to have them installed and the utility registrations needs to
        be done properly. The `configure.zcml` file, contained in ``zope.password``
        does the registrations, as well as in `setUpPasswordManagers` function in
        ``zope.password.testing`` module.
        
        
        =======
        CHANGES
        =======
        
        3.5.1 (2009-03-14)
        ------------------
        
        - Make security protection directives in `configure.zcml` execute only
        if ``zope.security`` is installed. This will allow reuse of the
        `configure.zcml` file in environments without ``zope.security``,
        for example with ``repoze.zcml``.
        
        - Add "Password Manager Names" vocabulary for use with ``zope.schema``
        and ``zope.component``, like it was in ``zope.app.authentication``.
        It's an optional feature so it doesn't add hard dependency. We use
        "vocabulary" extra to list dependencies needed for vocabulary functionality.
        
        3.5.0 (2009-03-06)
        ------------------
        
        First release. This package was splitted off from ``zope.app.authentication``
        to separate password manager functionality that is greatly re-usable without
        any bit of ``zope.app.authentication`` and to reduce its dependencies.
        
Keywords: zope authentication password
Platform: UNKNOWN
Classifier: Development Status :: 5 - Production/Stable
Classifier: Environment :: Web Environment
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Zope Public License
Classifier: Programming Language :: Python
Classifier: Natural Language :: English
Classifier: Operating System :: OS Independent
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Framework :: Zope3
