[Grok-dev] LDAP authentication and groups
Sebastian Ware
sebastian at urbantalk.se
Thu Aug 6 11:20:58 EDT 2009
Have you looked at this:
http://grok.zope.org/documentation/how-to/authentication-with-grok
Mvh Sebastian
6 aug 2009 kl. 17.15 skrev Jeroen Michiel:
>
> Hi,
>
> I'm trying to authenticate against our Active Directory server using
> LDAP.
> I got authentication going with ldappas and ldapadapter.
>
> Now I want to assign roles and permissions based on the Groups the
> user is a
> member of, as configured in the Active Directory server (so
> administration
> remains centralized in the AD server). What is the best approach to
> this?
> Should I
> * subscribe to the IPrincipalCreated event and then get the auth
> plugin via
> the authentication attribute of the event and search with the
> appropriate
> ldap identifiers and add the found groups to the groups attribute
> (perhaps
> with a prefix)?
> * create my own PrincipalFactory and do the stuff in there?
> * Don't use the AD groups, but implement my own in my server, ending
> up with
> decentralized administration.
> * ...
>
> Any help or ideas appreciated!
>
> --
> View this message in context: http://www.nabble.com/LDAP-authentication-and-groups-tp24848493p24848493.html
> Sent from the Grok mailing list archive at Nabble.com.
>
> _______________________________________________
> Grok-dev mailing list
> Grok-dev at zope.org
> http://mail.zope.org/mailman/listinfo/grok-dev
More information about the Grok-dev
mailing list