[Zope] Shadow password

Stuart 'Zen' Bishop zen@cs.rmit.edu.au
Sat, 29 Jan 2000 15:07:13 +1100 (EST)


On Fri, 28 Jan 2000, Matt Goodall wrote:

> I would like to authenticate users from the UNIX system. Unfortunately,
> my system uses shadow passwords which are not world readable so I can't
> use the etcUserFolder product.
> 
> I understand the security implications of this next question but is
> there any way to authenticate users but from a shadow password file?

You could use the GenericUserFolder in a number of ways to do this:
    - Authenticate using an external method, that calls a SUID program
      to validate the password
    - Install a Radius server on your Unix host, and authenticate using
      the ZRadius product

The LDAP Adaptor would also work if you can install an LDAP server on
your UNIX box.


-- 
 ___
   //     Zen (alias Stuart Bishop)     Work: zen@cs.rmit.edu.au
  // E N  Senior Systems Alchemist      Play: zen@shangri-la.dropbear.id.au
 //__     Computer Science, RMIT 	 WWW: http://www.cs.rmit.edu.au/~zen