Name	Space	Section	Page	Version	Status	Reviewed	Author(s)
Home	Authkit Cookbook	Home	Authkit Cookbook	1.0	Draft	False	James Gardner

AuthKit

AuthKit 0.4 is a complete authentication and authorisation framework for WSGI applications including Pylons.

The main documentation for AuthKit is chapters 19 and 20 of the forthoming book "The Definitive Guide to Pylons". If you are new to AuthKit you should read those chapters first:

• Authentication and Authorization
• [Advanced AuthKit]

This cookbook is for tutorials or other documentation that does not belong in the Pylons book chapters.

AuthKit has not been audited by a security expert, please use with caution at your own risk (or better yet, report security holes).

Any comments, suggestions or improvements would be gratefully received on the AuthKit mailing list.

Cookbook Documentation

• AuthKit Architecture
• Configuration
• AuthKit Authentication Methods
  • Basic
  • Digest
  • Form
  • Forward
  • OpenID Passurl
  • Redirect
• Different Ways of Authorizing Users
• Implement Your Own Authentication Method
• Differences between AuthKit and TurboGears Identity

Choosing an Approach

• If you want to use a different authentication method you can configure it in your config file
• If you want different authorization checks you can create your own permissions objects
• If you don't want to use the user management API you can use your own ``authenticate()`` function and your own permission objects for authorization checks
• If you don't want to use AuthKit's authentication you can use the ``forward`` or ``redirect`` methods.
• If you want a different authentication method you can implement your own.
• If you want to use the User Management API you can create your own driver for a different back end such as LDAP or a pure SQL database