Zope-app-authentication

------------------

* Fix tests by using zope.login, and require new zope.publisher 3.12.

------------------

* Fix ftesting.zcml due to ``zope.securitypolicy`` update.

* Don't use ``zope.app.testing.ztapi`` in tests, use zope.component's
testing functions instead.

* Fix functional tests and stop using port 8081. Redirecting to
different port without trusted flag is not allowed.

------------------

* Separate the presentation template and camefrom/redirection logic for the
``loginForm.html`` view. Now the logic is contained in the
``zope.app.authentication.browser.loginform.LoginForm`` class.

* Fix login form redirection failure in some cases with Python 2.6.

* Use the new ``zope.authentication`` package instead of ``zope.app.security``.

* The "Password Manager Names" vocabulary and simple password manager registry
were moved to the ``zope.password`` package.

* Remove deprecated code.

------------------

* Split password manager functionality off to the new ``zope.password``
package. Backward-compatibility imports are left in place.

* Use ``zope.site`` instead of ``zope.app.component``. (Browser code still
needs ``zope.app.component`` as it depends on view classes of this
package.)

--------------------

* Make old encoded passwords really work.

--------------------

* Use ``zope.container`` instead of ``zope.app.container``. (Browser code
still needs ``zope.app.container`` as it depends on view classes of this
package.)

* Encoded passwords are now stored with a prefix ({MD5}, {SHA1},
{SSHA}) indicating the used encoding schema. Old (encoded) passwords
can still be used.

* Add an SSHA password manager that is compatible with standard LDAP
passwords. As this encoding gives better security agains dictionary
attacks, users are encouraged to switch to this new password schema.

* InternalPrincipal now uses SSHA password manager by default.