Tim Hawes wrote:
OK, ZopeLDAP is not doing what I want, so I am going to use python-ldap directly in a script.
I make ldap module legal to use in a __init__.py file, I can now use the ldap module on my own... that is, I can so long as I do not attempt to bind to an ldap server.
Site Error
An error was encountered while publishing this resource.
Unauthorized
Sorry, a site error occurred.
Traceback (innermost last): ... Unauthorized: simple_bind_s
I get this after it tries to reauthenticate me. What the heck is this, and how do I tell Zope security to shut up and leave me alone? Anonymous binds are not permitted by the LDAP server I am trying to connect to, so I have to bind as the directory manager. I will also be adding routines to add, delete, and modify entries in LDAP through Zope, so I need to make sure all my bases are covered here.
OK, the short answer is that simple_bind_s is trying to be called from a python script, and the security mechanism is saying "woah! I dont know anything about that!". One cheesy way around this is to create an external method to return you a "wrapped" LDAP object that has the special attribute _allow_access_to_unprotected_subobjects_ = 1 set. Alternatively, you can move all of the LDAP-using routines into external methods. Basically, once the LDAP routines pass an object into the Zope environment, Zope will try to see if it has any information about the security on the object. If it cant see any security declarations, it will presume the object's methods are protected by default. -- Matt Kromer Zope Corporation http://www.zope.com/