[Zope] GUF: Generic User Folder

Hung Jung Lu hungjunglu@hotmail.com
Tue, 14 Mar 2000 16:16:32 PST


OK, I know some of you are out there watching. :)

Here is what I found out you can do to use Zope's folder
security features using your own user info database, your
own login interface, and without using GUF (Generic User
Folder). It's kind of simple, so don't expect too much. :)
Hey, but at least it does not lock you up and send you
into a panic attack. :)

(1) Have your own login interface, and use some session
    management product or cookies to keep track of whether
    the user has been authenticated by you.

(2) Create additional user-defined roles at the root of
    your Zope project. (Click on the 'Security' tab of
    the root folder, and scroll to the bottom.) E.g:
    'teacher', 'student', 'parent', etc.

(3) Create an acl_users folder at the root of your Zope
    project. Inside the acl_users folder, add new generic
    users. E.g: 'GenericTeacher', 'GenericStudent',
    'GenericParent'. Assign non-trivial passwords to them,
    of course.

(4) In your standard_html_header or equivalent, you then
    check against your cookies or session data. If the
    user is a teacher, then call:

    <dtml-call "REQUEST.set('AUTHENTICATED_USER',
                acl_users.getUser('GenericTeacher'))">

Voila! Now you can use Zope's security settings to prevent
people from accessing given folders.

Hung Jung

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com