hi,
im trying to understand how to implement my own authentication and authorization machinery for my GAE app. does anyone already implemented something like that and maybe can give me some advice?
what i need is grant access on certain sections to specific users and restrict the access to others.
i looked at repoze.who and reapoze.what but its not really clear to me how to use them on app engine.
thank you
Maybe taking a look at tipfy.ext.auth (doc, wiki, source code,) and tipfy.ext.acl (doc, wiki, source code) would provide you with a little kickstart. Those are extensions built on top of tipfy, a open source lightweight python-based framework made for GAE.
In order to get a better understanding of their usage and implementation, make sure to peek at the source code of each and the associated testsuites.
From your question it is not clear if you are using java or python. I have done my custom user management with authentication/authorization using spring-security in java GAE. Things work fine.