[Zope] Auto-Login from MS Domain
sean.upton@uniontrib.com
sean.upton@uniontrib.com
Fri, 08 Mar 2002 09:21:16 -0800
XUF running on a Unix or NT box will do SMB auth off any NT box in a domain,
but can't do anything as nice as map Domain groups to roles, and dive users
in those groups certain roles, etc. This is a limitation of the client
library. The only reasonable workaround if your Zope box runs Unix is
likely something like LDAP (if your network supports it) as a bridge to your
NT Domain info; though if your Zope instance runs on an NT box I think there
are some tools to allow you to do NT Authentication and also Authorization
(map users to roles somehow).
I can say, however, that the XUF SMB Authentication works just fine, and is
easy to set up, provided all you are looking for is Authentication.
The magic IE-specific NTLM-over-HTTP auth mechanism could work, provided you
hacked it into ZServer, becuase it requires a specifc sequence of HTTP
responses and headers... I've never used this, but found some info at:
http://www.innovation.ch/java/ntlm.html
Sean
-----Original Message-----
From: Andy McKay [mailto:andy@agmweb.ca]
Sent: Friday, March 08, 2002 7:55 AM
To: zope@zope.org
Subject: Re: [Zope] Auto-Login from MS Domain
Doesn't XUF have some way of auth'ing from a Windows domain? I don't know if
you can auto login to a site by magically requesting the network login,
sounds like it would be bit of a security risk...
----- Original Message -----
From: "Chris Withers" <chrisw@nipltd.com>
To: <zope@zope.org>
Sent: Friday, March 08, 2002 4:40 AM
Subject: [Zope] Auto-Login from MS Domain
> Hi All,
>
> Does anyone have any idea how I could get a browser to provide
authentication credentials
> (either basic auth or cookie auth) from the user's Network Login?
>
> This is on Windoze, although I'm not sure of the specifics.
>
> What are the options?
>
> cheers,
>
> Chris
>
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope-dev )
>
_______________________________________________
Zope maillist - Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )