[Zope] PAM Authentication & RSA Authentication Manager
Andrew Milton
akm at theinternet.com.au
Wed Feb 2 04:03:49 EST 2005
+-------[ Jens Vagelpohl ]----------------------
|
| On Feb 1, 2005, at 20:42, Tom Trelvik wrote:
|
| >Andrew Milton wrote:
| >>1st, you need PAM support on every platform.
| >
| > True, but it's not like this is the only non-Zope dependency. For
| >example, to use LDAPUserFolder I need python-ldap.
|
| Yes? That's available even on lesser operating systems from M$. Is PAM?
|
|
| > Now this makes the most sense. Unfortunately, it also doesn't apply
| >to my situation, as I'm part of a larger organization, and want to use
| >the preexisting centralized LDAP (which I of course only have read
| >access to) to manage authentication so my users don't need a new set
| >of usernames/passwords, but I'll be *managing* the users locally (Not
| >sure yet exactly how that's going to work, still working through
| >documentation and whatnot (but I certainly wouldn't mind any
| >pointers)).
|
| You can use the LDAPUserFolder in read-only mode so it does not try to
| write back to the directory and store group/role information on the
| LDAPUserFolder itself. That way the users log in with the same
| credentials *and* you can manage the roles they get in the Zope context
| locally. It's just a matter of configuration.
Ditto for exUserFolder d8)
--
Andrew Milton
akm at theinternet.com.au
More information about the Zope
mailing list