[server] Make connection pooler configurable and set better default values
Drop the configuration connections-pool-size and add new configurations options:
* connections-pool-min-size. Set to 0 by default so we open connections only
when needed. This avoid opening min-size*processes connections at startup,
which is, it think, a good default.
* connections-pool-max-size. Set to 0 (unlimited) by default, so we move the
bottleneck to postgresql.
* connections-idle-timeout. Set to 10 minutes. I don't have arguments about
this except that this is the default in pgbouncer.
Authentication
==============
Overview
--------
A default authentication stack is provided by the :mod:`cubicweb.pyramid.auth`
module, which is included by :mod:`cubicweb.pyramid.default`.
The authentication stack is built around `pyramid_multiauth`_, and provides a
few default policies that reproduce the default cubicweb behavior.
.. note::
Note that this module only provides an authentication policy, not the views
that handle the login form. See :ref:`login_module`
Customize
---------
The default policies can be individually deactivated, as well as the default
authentication callback that returns the current user groups as :term:`principals`.
The following settings can be set to `False`:
- :confval:`cubicweb.auth.update_login_time`. Activate the policy that update
the user `login_time` when `remember` is called.
- :confval:`cubicweb.auth.authtkt` and all its subvalues.
- :confval:`cubicweb.auth.groups_principals`
Additionnal policies can be added by accessing the MultiAuthenticationPolicy
instance in the registry:
.. code-block:: python
mypolicy = SomePolicy()
authpolicy = config.registry['cubicweb.authpolicy']
authpolicy._policies.append(mypolicy)
.. _pyramid_multiauth: https://github.com/mozilla-services/pyramid_multiauth