[Zope] Login by webform/session variables?

miah34@msn.com miah34@msn.com
Thu, 27 Sep 2001 22:22:35 -0500


Hi all.

I want to apologize up front because I have seen a lot of previous questions 
about logging in using LoginManager, CookieCrumbler, etc., but I'm not sure 
if they do what I need and I don't really understand some of what I read.

It seems to me that a user can log on by a form and be authenticated by 
LoginManager, for example.  But that only gives them a role (I believe), 
let's say authorized_user.  But, what I need is a way to remember WHO they 
are, not just what role they have.  I'm very new to both Zope and web design 
in general, so any help would be appreciated.

A large part of my problem right now is that I don't even know what 
questions to ask.

My general situation is this:
1.  I'm going to be storing user information in a database.
2.  I have to be able to let the appropriate user securely access that 
information, which means I'll need a user id or something like that to pull 
the data out of the database.

I talked to someone with some experience in web development who uses 
ColdFusion and he said that he gets the correct information from the user 
database to authenticate, and then sets a session variable user_id (from the 
database) which he can use to access the database.

I apologize again for the indirect approach of this question.  I just want 
to know if there is some standard way to handle this.  If someone can point 
me in the right direction (i.e. "research this and that") I'm more than 
willing to go off and do the research.  What I've seen so far is the 
possibility of using something like LoginManager with CoreSessionTracking, 
but I'm not sure if that's what I need.

Thanks in advance,
Jeremiah

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp