[Zope] Single Sign on

PieterB PieterB <pieterb@gewis.nl>
Thu, 17 Apr 2003 00:33:30 +0200 (CEST)


David wrote
> I am currently building an intranet utilising Zope/Plone and plan on
> authenticating users via LDAP (ldapuserfolder).  However I am now expected
> to implement a "single sign on" system for the company which currently uses
> NT domains to authenticate users.  
> 
> Has anybody had any experience in this?  I'm beginning to think that it may
> be "easier" (short term at least) to just authenticate people via NT domain
> and drop the ldap.  I will be very grateful for any advice.

I had serious troubles trying to authenticate zope to an Active
Directory (NT-domain), because it's not completly LDAP. It was
relatively easy to use Radius (which is also supported by NT, but
might require some additional software on the NT domain server). I
used Apache 1.3.x in front of Zope. The user was both authenticated by
Apache and Zope.

Pieter