Short Version of message: ZLDAPconn-0.1 and ZLDAPMethods-0.1 are now available from http://www.interlink.com.au/anthony/python/
Excellent.
I'm looking for opinions on the LDAP zope product I've been building.
We here at DC (well, I'm out of the office this week, but I'm there virtualy) have been kicking around an LDAP authentication mechanism, probably a folderoid, to go against LDAP. In fact, this was supposed to be one of my projects when I get back next week. From the details below it looks like you have thought this out well, I didn't even consider making an API of methods like XSQL methods, good idea!
Right now, LDAP connections work, LDAP Methods work, but there's still a bit more to do. Right now, the following is unimplemented:
In ZLDAPconn: . Anything other than simple_bind(who, passwd) for connecting to the LDAP server
That's where we want to start...
. meaningful doc strings
In ZLDAPMethods: . Pluggable Brains . Result Caching . Limits on the number of results . Variable interpolation in the filters, and in the base DN . modify or add queries (only search is supported right now) . meaningful doc strings :)
Under the catagory 'result caching' you might want to consider making some kind of Connection Manager in your LDAP Connection. A model I've been kicking around is a CM class that manages Connections and uses a simple caching algoritm. Wrapping all of the API in a class will also help yu when you want to break out the LDAP stuff and stick it in shared. In this way, it becomes a sort of 'Device Driver' (to use Ken's terminology) for the entire Zope system. We're going to be doing this with the IMAP functionality that NotMail uses. I'm assuming what you call an LDAP connection is like a Database Adapter is to ZSQL methods. Maybe you might want to consider calling these LDAP Adapters.
Other stuff: . UserLDAP is not finished yet (or released) - the primary issue is the storing of roles and domains. Right now this would have to be some non-standard LDAP attribute... but what should it be? It also probably needs modify and add added to ZLDAPMethods before being really useful.
The etcUserFolder product has a settable property to change the 'default role' that the users are given. You can check it out from the download page, it is also in cvs under Packages/Products/etcUserFolder
Things I'd like comments on: For ZLDAPconn: what other bind methods would you like to see? For ZLDAPMethods: how should add/modify/query be distinguished? Separate methods?
I'd have to look at the code, I'll get back to you. (hey paul, I need a laptop!)
I had planned to get variable interpolation working tonight, but decided I'd rather get an early night. Probably tomorrow evening, instead. Stuff I hope to get going in the next day or so: variable interpolation, pluggable brains.
Don't hurt yourself. It looks like you got this down pretty good, I'll proablby be looking into incorporating much of this if not all into Zope, want to be in charge of zope LDAP? We can give you an area on the site.
Anyway, ZLDAPconn-0.1 and ZLDAPMethods-0.1 are now available from http://www.interlink.com.au/anthony/python/
It requires David Leonard's ldapmodule, from http://www.it.uq.edu.au/personal/leonard/dc-prj/ldapmodule/
It's been tested on Linux 2.2, under Zope 1.10.2 and ZServer. Assuming the ldapmodule works on other platforms (it's available in source, and also as a windows .pyd) it should work elsewhere, too.
Anthony
_______________________________________________ Zope maillist - Zope@zope.org http://www.zope.org/mailman/listinfo/zope
(For developer-specific issues, use the companion list, zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )