Different Login Screens for Management and User?
In creating my web site, I'm planning on limiting access to certain portions of the site to registered users. When a user attempts to "view" these areas, if they haven't logged in, I want to display a login page and get their name and password. I also want to provide a way for the web site management team to login and perform management activities. I would like to present a different login screen (maybe just a basic auth dialog) to allow access to management functions. I've been playing around a little with GUF, but I haven't found a way to present two different login screens based on the type of page being accessed. Is this type of functionality possible with Zope? Would the LoginManager allow for this sort of thing? Thanks. James W. Howe mailto:jwh@allencreek.com Allen Creek Software, Inc. pgpkey: http://ic.net/~jwh/pgpkey.html Ann Arbor, MI 48103
In article <4.2.2.20000229130047.00b88100@saladin.aisys.com>, James W. Howe <jwh@allencreek.com> wrote:
management team to login and perform management activities. I would like to present a different login screen (maybe just a basic auth dialog) to allow access to management functions. I've been playing around a little with GUF, but I haven't found a way to present two different login screens based on the type of page being accessed. Is this type of functionality possible with Zope? Would the LoginManager allow for this sort of thing?
LoginManager now has this capability. The loginForm is passed "needroles", the list of roles one would have to have one of to perform the action that prompted the login. Thus you could do: <dtml-if "'Member' in needroles"> ... member login form ... <dtml-else> ... manager login form ... </dtml-if> (note that 'Manager' is likely allowed to do both member and manager things, and thus checking "'Manager' in needroles" would be true in either case and not do what you want)
Hmm what is a LoginManager? Is it a product similar to GUF? If yes where can we get it from? I am in need of such a beast so I want to explore the possibilities. Thanks Pavlos On 2 Mar 2000, Ty Sarna wrote:
"needroles", the list of roles one would have to have one of to perform the action that prompted the login. Thus you could do:
In article <Pine.LNX.4.04.10003021600070.11976-100000@gaaros.msrc.sunysb.edu>, Pavlos Christoforou <pavlos@gaaros.com> wrote:
Hmm what is a LoginManager? Is it a product similar to GUF? If yes where can we get it from? I am in need of such a beast so I want to explore the possibilities.
LoginManager is a thing that aims to replace user folders. It accepts plugin User Sources (which know about users) and Login Methods (plugins for different methods of logging in -- things like Basic Auth, Cookie Auth, etc). You can get it from the ZopePTK CVS. (It's useable without PTK, though -- there's nothing PTK-specific about it. It's just that it's particularly useful for PTK) LoginManager currently comes with a default User Source called Generic User Source (GUS), that is a GUF-like roll-your-own system. It uses GUF-compatible methods (userExists, userRoles, etc), so converting any GUF-using site to a LM site should be pretty easy. We plan to write another User Source that is a simple ZODB-based plugin that parallels the current plain User Folder. Other existing User Folders (etcUserFolder, etc) could/should be converted to user sources. One advantage is that you can have more than one user source, so if you need to have employee logins from your corporate LDAP directory and customer logins from your Oracle database, you can do that. The implementations of each can be completely separate and reuseable. Another advantage is that there is no longer the "n times m" problem of login methods. If someone writes a PostGresSQLUserFolder that does SSL client certificates, there's no easy way for you to use that SSL client certificate capability with etcUserFolder. But with LoginManager, if someone writes a SSL client certificate Login Method and someone else makes an etcUserSource, they automagically work together. There are some other cool features too, and more coming. By the way, for those of you who were at IPC8 and were confused by the RIPP Patterns talk (which is everyone who attended, I think ;->), LoginManager is so far a good example of at least the RI part of it. LoginManager is the Implementor for users (it's just called acl_users instead of I_User :->). User Sources are really Racks. The "things from different authors automatically work together" nature of LoginManager is exatly what RIPP is for. Now that we have an example, maybe we can try to explain it better and get other people using it for other things :-)
On 6 Mar 2000, Ty Sarna wrote:
You can get it from the ZopePTK CVS. (It's useable without PTK, though -- there's nothing PTK-specific about it. It's just that it's particularly useful for PTK)
Thanks a lot Ty for the detailed reply. Mostly for clarifying a few of the stuff you were talking about at IPC. Seems to me that at least some of the major components of Zope should be designed in this manner, but on the other hand it is only after one codes a few specific situations that the general pattern emerges. Regards Pavlos
participants (3)
-
James W. Howe -
Pavlos Christoforou -
tsarna@endicor.com