[Zope-dev] SAP SSO feature for Zope/LDAPUserFolder
Dirk Datzert
dummy at habmalnefrage.de
Sat Jun 25 13:13:06 EDT 2005
Hi,
we have Zope 2.6.4 and 2.7.6 with LDAPUserFolder and CookieCrumbler in use.
One of our next goals is to integrate the Single-Sign-On-Ticket feature of
SAP-Portal.
SAP sent a cookie called MYSAPSSO2 which contains a certified signature and
the Login-Name of a user.
Normally the Login-Name will be validated by LDAPUserFolder with password
against LDAP-Directory and the roles of the user will be assigned to the
user object.
We have now an external web-service which can validate the MYSAPSSO2-Ticket
and return the Login-Name.
I'm looking now for the best way to integrate/rewrite
CookieCrumbler/LDAPUserFolder to take the validated Login-Name and read the
roles of the user out of the LDAP-directory.
Any ideas ? Maybe comments by Jens or Shane ?
Regards,
Dirk
--
Geschenkt: 3 Monate GMX ProMail gratis + 3 Ausgaben stern gratis
++ Jetzt anmelden & testen ++ http://www.gmx.net/de/go/promail ++
More information about the Zope-Dev
mailing list