RE: [Zope] Authenticate with Windows Domain
Thanks for all of the advice. Does anyone know of a way to take the windows credentials that the user is signed onto the local machine with and pass those to zope for authentication? Thanks -----Original Message----- From: volker.wend@efgbsh.de [mailto:volker.wend@efgbsh.de] Sent: Tuesday, March 30, 2004 5:12 AM To: Jean-Francois.Doyon@CCRS.NRCan.gc.ca; icarr@compxnet.com; zope@zope.org Subject: AW: [Zope] Authenticate with Windows Domain If you use an Active Directory, use the LDAPUserfolder. http://www.dataflake.org/software/ldapuserfolder VW
-----Ursprüngliche Nachricht----- Von: zope-bounces@zope.org [mailto:zope-bounces@zope.org] Im Auftrag von Jean-Francois.Doyon@CCRS.NRCan.gc.ca Gesendet: Dienstag, 30. März 2004 00:15 An: icarr@compxnet.com; zope@zope.org Betreff: RE: [Zope] Authenticate with Windows Domain
I've never done it at all, but a few ideas come to mind:
If you're using Active Directory, maybe the Python LDAP tools could help ...
Otherwise, using the w32all Python extensions, you could probably write some code that would do it by binding with COM or something like that ?
J.F.
-----Original Message----- From: zope-bounces@zope.org [mailto:zope-bounces@zope.org]On Behalf Of Israel Carr Sent: Monday, March 29, 2004 1:58 PM To: 'zope@zope.org' Subject: [Zope] Authenticate with Windows Domain
Is it possible to setup a zope server to authenticate users against a windows nt domain?
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Israel Carr wrote:
Thanks for all of the advice. Does anyone know of a way to take the windows credentials that the user is signed onto the local machine with and pass those to zope for authentication?
It sounds like the NTLM protocol could be a solution. One way to implement it with Zope could be like this: Let Apache authenticate your users using the NTML protocol. The users will experience this transparently. You’ll need to plugin mod_ntlm for Apache: http://sourceforge.net/projects/modntlm/ Plugin Remote User Folder on the Zope side to obtain the authenticated user from the webserver. http://www.zope.org/Members/djay/RemoteUserFolder /Anton Stonor
Israel Carr wrote:
Thanks for all of the advice. Does anyone know of a way to take the windows credentials that the user is signed onto the local machine with and pass those to zope for authentication?
That is a horrible and nasty hack rather than anything approaching a protocol, from my memory of it. I thought M$ dropped support for it anyway? Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk
Chris Withers wrote.. about NTLM?
That is a horrible and nasty hack rather than anything approaching a protocol, from my memory of it. I thought M$ dropped support for it anyway?
Possibly a hack, but it works :-) And being a lazy kind of guy I (as a user) really enjoy skipping the Intranet sign-on. Maybe Microsoft dropped NTLM support--on the other hand, Mozilla recently added it. /Anton
participants (3)
-
Anton Stonor -
Chris Withers -
Israel Carr