just subclass from AccessControl.User.BasicUserFolder. i only subclassed from ObjectManager as well to enable storing custom login forms and scripts right inside the LDAPUserFolder object, as dirk already pointed out. just FYI, version 2.0 of the LDAPUserFolder will allow you to specify a bind-DN and password to be used only during the initial login stage when the user object has not been created yet, and use the user's own credentials after that. the first beta of 2.0 will be released some time this weekend. jens On Wednesday, Nov 27, 2002, at 15:21 US/Eastern, Josef Meile wrote:
Hi,
I was looking at the code of the LDAPUserFolder and realized that it inherits from Object Manager. I'm just wondering if this is necesary. Does an user folder have to store some temporal data of a user while he's connected? or is it enough with the cookies used by zope?
The reason of my question is that I want to implement a very simple user folder that directly authenticates a user against a LDAP server without searching his DN on the database. In my case, I know that all the DNs of the users of my system are the same except by the username and password, so I could do something like:
import ldap LDAPSERVER=ldap.initialize(LDAPServerUrl+':'+serverPort) LDAPSERVER.bind_s('cn='+userId+baseDN,userPassword,ldap.AUTH_SIMPLE)
I tested that code and it worked fine. My problem with the LDAPUserFolder is that if the server doesn't support anonymous connections, I'll need a bind password and username because this product searches the user's DN and then sends it with the user's password. The people from technical doesn't agree much with this approach. For they would be better if I did directly without such information.
Thanks in advanced, Josef