[Zope] access to zope folder by legacy authorization system
jbr@FIZ-Karlsruhe.DE
jbr@FIZ-Karlsruhe.DE
Thu, 14 Mar 2002 15:31:47 +0100 (MET)
Hello,
I am using Zope 2.5.0. As I am new to Zope I have been reading the pdf Version of the Zope
Book which covers Zope 2.5.
I need just a hint how to do the following:
1.) I have a folder (named secret1) with many sub-folders. This folder and its
sub-folders should be restricted for Anonymous Web users visiting our site.
In the folder secret1 are items for which access is restricted.
For example in folder secret1 is a restricted item item1.
2.) I have a legacy sytem, which must be called by perl modules, to ask if a
web user is authorized to see item1.
After login to the legacy system it returns an authorization-id.
I would like to store this id in a zope session object belonging to
the web end user in order to have login to the legacy authification
system only once. If the legacy system is asked for authorization later
I can use the authorization-id and I don't have to ask the web user again for
userid /pw.
3.) If the web user wants to see folder secret1, I want to use the
authorization-id of the legacy system ( which I get from the zope
session object after user has done login to the
legacy system once) to ask if he may get access to folder secret1.
This call has to be done by perl also.
If the legacy authification system grants access, I will allow access to the
zope folder.
To allow access could be done by a python script or external method based on the
return values of the perl pgm.
Step 2 must be done by a perl program. Can I use a perl script ? Or are there
security reasons to call a perl method instead ?
If the latter is the case:
Do I have to use pyperl to call perl from an external python module ?
Or do I have to use a external Perl Module using zoperl ?
For step 3: How can I get Zope to look for the legacy system for authorization if I enter
an protected folder like secret1 ore any of its sub-folders.
With kind regards, Juergen Berger