[Zope] Single Sign-on using Zope

Marc Burgauer marc at sharedbase.com
Fri Aug 6 04:51:01 EDT 2004


We are using exUserFolder (http://sourceforge.net/projects/exuserfolder/)
for precisely that reason. It offers authentication against a number of
sources, including a SQL database. (We're using PostgreSQL.)

It does offer setting a cookie, but we're not using this part. People have
to log in to each app, but they can use the same username and password.
(Basically we want people to be able to use the apps, even if they use a
browser with no cookie support, e.g. on a smartphone.)

When using cookies, be aware that there are restrictions on what servers can
read the cookie. From the time when we used cookies (back when we were doing
stuff in PHP), you have to set the domain bit generic enough and all your
apps have to be accessed from the same basic domain.

exUserFolder is quite extensible and a number of people have written extra
bits to it, so it's worth doing some research. It also has a decent user
mailing list (exuserfolder-users at lists.sourceforge.net).

HTH

Marc


On 6/8/04 12:59 am, "Dilley, Hara" <hara at sunesis.com> wrote:

> We have a set of Zope applications that handle their own authentication using
> Zope.  We also have a number of web applications using Java and Python CGI
> scripts and we would like to have users that have been authenticated through
> Zope to be able to access them without having to log in again.
> 
> So the question is, can Zope set cookies as part of its authentication
> mechanism? And what are the strings in these cookies?
> 
> There is also the reverse question:  If a user gets authenticated through
> another application and has cookies set on his/her browser, how can we use
> these "3rd party" cookies to authenticate a user in a Zope application?
> 
> 
> 
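
Added example (not part of the original message or of exUserFolder): a simplified Python model of the browser's cookie Domain rules from RFC 6265, showing why a cookie set by one app reaches the other apps only when its Domain is a shared parent. All host names are constructed, and the public-suffix check real browsers apply is left out.

```python
# Simplified model of cookie Domain scoping (RFC 6265 sections 5.1.3 and 5.3).
# Host names are constructed examples; public-suffix checks are omitted.
import ipaddress


def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def domain_match(host, domain):
    """True if request host falls under the cookie's Domain value."""
    host, domain = host.lower(), domain.lower()
    if domain.startswith("."):
        domain = domain[1:]               # a leading dot is ignored
    if host == domain:
        return True
    # Suffix match must land on a label boundary and never applies to IPs.
    return host.endswith("." + domain) and not _is_ip(host)


def browser_accepts(setting_host, domain_attr):
    """A server may only set Domain to its own host or a parent of it."""
    return domain_attr is None or domain_match(setting_host, domain_attr)


def cookie_sent_to(setting_host, domain_attr, request_host):
    """Would a cookie set by setting_host be sent to request_host?"""
    if not browser_accepts(setting_host, domain_attr):
        return False                      # rejected when it was set
    if domain_attr is None:               # host-only cookie
        return request_host.lower() == setting_host.lower()
    return domain_match(request_host, domain_attr)


if __name__ == "__main__":
    zope, java, other = "zope.example.com", "apps.example.com", "apps.example.org"
    for dom in (None, "zope.example.com", "example.com", "example.org"):
        reach = [h for h in (zope, java, other) if cookie_sent_to(zope, dom, h)]
        print(f"Domain={dom!r:20} -> sent to {reach}")
```

A Domain widened to the parent is sent to every host under that parent, so each of those hosts has to be trusted with the login cookie.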



