Hi We have a set of Zope applications that handle their own authentication using Zope. We also have a number of web applications using Java and Python CGI scripts and we would like to have users that have been authenticated through Zope to be able to access them without having to log in again. So the question is, can Zope set cookies as part of its authentication mechanism? And what are the strings in these cookies. There is also the reverse question: If a user gets authenticated through another application and has cookies set on his/her browser, how we can we use these "3rd party" cookies to authenticate a user in a Zope application? Many Thanks
We are using exUserFolder (http://sourceforge.net/projects/exuserfolder/) for precisely that reason. It offers authentication against a number of sources, including a SQL database. (We're using PostgreSQL.) It does offer setting a cookie, but we're not using this part. People have to log-in to each app, but they can use the same username and password. (Basically we want people to be able to use the apps, even if they use a browser with no cookie support, e.g. on a smartphone.) When using cookies, be aware that there are restrictions what servers can read the cookie. From the time when we used cookies (back when we were doing stuff in PHP), you have to set the domain bit generic enough and all your apps have to be accessed from the same basic domain. exUserFolder is quite extensible and a number of people have written extra bits to it, so it's worth doing some research. It also has a decent user mailing list (exuserfolder-users@lists.sourceforge.net). HTH Marc On 6/8/04 12:59 am, "Dilley, Hara" <hara@sunesis.com> wrote:
We have a set of Zope applications that handle their own authentication using Zope. We also have a number of web applications using Java and Python CGI scripts and we would like to have users that have been authenticated through Zope to be able to access them without having to log in again.
So the question is, can Zope set cookies as part of its authentication mechanism? And what are the strings in these cookies.
There is also the reverse question: If a user gets authenticated through another application and has cookies set on his/her browser, how we can we use these "3rd party" cookies to authenticate a user in a Zope application?
Dilley, Hara wrote:
Hi
We have a set of Zope applications that handle their own authentication using Zope. We also have a number of web applications using Java and Python CGI scripts and we would like to have users that have been authenticated through Zope to be able to access them without having to log in again.
So the question is, can Zope set cookies as part of its authentication mechanism? And what are the strings in these cookies.
There is also the reverse question: If a user gets authenticated through another application and has cookies set on his/her browser, how we can we use these "3rd party" cookies to authenticate a user in a Zope application?
Have you heard of CAS? http://www.yale.edu/tp/auth/ It does Java and lots else. I also have a CASUserFolder for Zope... Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk
Chris, I would be very much interested in that CASUserFolder for Zope you mention. Is it available someplace? Robert Chris Withers wrote:
Dilley, Hara wrote:
Hi
We have a set of Zope applications that handle their own authentication using Zope. We also have a number of web applications using Java and Python CGI scripts and we would like to have users that have been authenticated through Zope to be able to access them without having to log in again.
So the question is, can Zope set cookies as part of its authentication mechanism? And what are the strings in these cookies.
There is also the reverse question: If a user gets authenticated through another application and has cookies set on his/her browser, how we can we use these "3rd party" cookies to authenticate a user in a Zope application?
Have you heard of CAS?
It does Java and lots else. I also have a CASUserFolder for Zope...
Chris
I'd be interested in your CASUserFOlder too, thanks. robert rottermann wrote:
Chris, I would be very much interested in that CASUserFolder for Zope you mention. Is it available someplace?
Robert
Chris Withers wrote:
Dilley, Hara wrote:
Hi
We have a set of Zope applications that handle their own authentication using Zope. We also have a number of web applications using Java and Python CGI scripts and we would like to have users that have been authenticated through Zope to be able to access them without having to log in again.
So the question is, can Zope set cookies as part of its authentication mechanism? And what are the strings in these cookies.
There is also the reverse question: If a user gets authenticated through another application and has cookies set on his/her browser, how we can we use these "3rd party" cookies to authenticate a user in a Zope application?
Have you heard of CAS?
It does Java and lots else. I also have a CASUserFolder for Zope...
Chris
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
robert rottermann wrote:
Chris, I would be very much interested in that CASUserFolder for Zope you mention. Is it available someplace?
Not yet, keep bugging me an once http://www.simplistix.co.uk is ready, I'll release a public version! cheers, Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk
participants (5)
-
Chris Withers -
Dilley, Hara -
Erik Myllymaki -
Marc Burgauer -
robert rottermann