[Zope-dev] Login/Authentication/Authorization tools wrt SquishDot
Andreas Kostyrka
andreas@mtg.co.at
Wed, 25 Aug 1999 15:00:03 +0200 (CEST)
On Wed, 25 Aug 1999, Neal Holtz wrote:
> 1. A way to identify in DTML the rights of the current user, so
> pages can be adapted. I would like to get the loginId for the
> user, but more important, I think, would be just a way to
> test for various roles. EG: "is the current user a registered
> student?", etc.
has_role, has_permission are methods of the AUTHENTICATED_USER.
> 2. A way to import a few hundred userids, passwords, and roles,
> from our own registration databases. Or would it be better
> to let the webserver authenticate people? - I was going to let
> Zope do it.
Well, you should then probably write or develop a UserFolder class that
authenticates against your existing databases :)
> 3. A way to have a 'login' link that allows a user to change their
> identities at any time (more useful for me during testing, but I
> would like anyone to be able to view pages anonymously at
> any time, but only have to login when they wish to post an
> unmoderated response to an article.
Well, a login link is no problem. But changing userid is difficult with
Basic Authentication as is: As long your rights suffice, you have to kill
the browser. If the permissions are not enough, you will be prompted
automatically for a new userid.
> I haven't seen any obvious way to do any of this. Did I miss
> something? Is anyone else working on something similar? If this is
> already documented somewhere (if only in Python code), pointers to
> that would be just fine.
Well, just look at the source code :)
Andreas
--
Andreas Kostyrka | andreas@mtg.co.at
phone: +43/1/7070750 | phone: +43/676/4091256
MTG Handelsges.m.b.H. | fax: +43/1/7065299
Raiffeisenstr. 16/9 | 2320 Zwoelfaxing AUSTRIA