Zope-pluggableauth

================

- As the ``camefrom`` information is most probably used for a redirect,
require it to be an absolute URL (see also
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.htmlsec14.30).

================

- Add a hook to ``SessionCredentialsPlugin`` (``_makeCredentials``) that can
be overriden in subclasses to store the credentials in the session
differently.

For example, you could use ``keas.kmi`` and encrypt the passwords of the
currently logged-in users so they don't appear in plain text in the ZODB.

================

- Move concrete ``IAuthenticatorPlugin`` implementations from
``zope.app.authentication`` to ``zope.pluggableauth.plugins``.

As a result, projects that want to use the ``IAuthenticator`` plugins
(previously found in ``zope.app.authentication``) do not automatically
also pull in the ``zope.app.*`` dependencies that are needed to register
the ZMI views.

==================

- Fix dependency declaration.

==================

- Add ``persistent.Persistent`` and ``zope.container.contained.Contained`` as
bases for ``zope.pluggableauth.plugins.session.SessionCredentialsPlugin``,
so instances of ``zope.app.authentication.session.SessionCredentialsPlugin``
won't be changed.
(https://mail.zope.org/pipermail/zope-dev/2010-July/040898.html)

==================

* Declare adapter in a new ZCML file : `principalfactories.zcml`. Avoids
duplication errors in ``zope.app.authentication``.