David Orr wrote at 2003-4-16 12:11 +0800:
I am currently building an intranet utilising Zope/Plone and plan on authenticating users via LDAP (ldapuserfolder). However I am now expected to implement a "single sign on" system for the company which currently uses NT domains to authenticate users.
What do you mean by "single sign on"? I expect you mean "one login for all applications, both Windows as well as intranet application".
Has anybody had any experience in this? I'm beginning to think that it may be "easier" (short term at least) to just authenticate people via NT domain and drop the ldap. I will be very grateful for any advice.
When you mean the above, then "LDAP" will not help you. I know that IE is ready to send the Windows authentication information when challenged in the correct way. We use this for our intranet applications. However, I do not know how to do this with Zope. Maybe, "NTUserFolder" supports it. Dieter