On Sun, Oct 28, 2012 at 8:54 AM, Ludwig Kraatz <ludi...@hotmail.com> wrote: > Just found a way to describe my point of view in a little different way: > * Why is there a need to have Authentication and Authorization in one App - > when both answer a totally different purpose? *
> But the answer - as you said - it might be the more convenient way in 90% of > the use cases... And because of that - easier to use. > => right..? You nailed it. In systems which separate the two, it's extremely common for developers to mistake one for the other, and build insecure systems. By providing both together by default, developers who have never considered the fact that the two concepts can be separate will do the right thing, and the 90% case for the rest of us of "I need both together" is also met. -Paul -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
