Chapter 22. TurboGears Identity and Security

In This Chapter

  • 22.1 Basic Authentication/Authorization with Identity

  • 22.2 Validating User Access with Identity

  • 22.3 Avoiding Common Security Pitfalls

  • 22.4 Summary

There are two major parts to creating a “secure” web application. First, you need to write code that manages user authentication and authorization, to ensure that you grant access only to the right people. Second, you need to make sure that you don’t write application code that opens you up to potentially malicious behavior.

For the first set of issues, TurboGears provides the Identity framework, which can handle user authentication for you, and provides a very user-friendly API for adding authorization logic into your application. ...

From Rapid Web Applications with TurboGears: Using Python to Create Ajax-Powered Sites.