[Zope] Re: ldap authentication with apache or LDAPUserFolder?

Derrick Hudson dman at dman13.dyndns.org
Tue Jul 12 17:49:17 EDT 2005


On Mon, Jul 11, 2005 at 01:01:13PM -0500, Tim Suter wrote:
| Sorry Marco the reply to all button eluded me once again:
| 
| I deleted the access file and recreated it so I could get ready to
| delete all instances of the old LDAPUserFolder.  This has to been done
| prior to migration of Data.fs as the new Zope 2.8 isn't compatible with
| the old LDAPUserFolder.
| 
| Now, after commenting out the apache lines below:
| 
|   #<location /Zope>
|         #AuthName "Knowledge Access"
|         #AuthType Basic
|         #AuthLDAPURL ldap://X.X.org:389/o=X.org?uid?sub?
| (objectClass=person)
|         #require group cn=caitstaff,ou=Groups,o=X.org
|         #</location>
| 
| I can type in the URL for the knowledge base and it takes me straight to
| the index_html page without authentication unlike before.  However,
| after clicking the Manage Zope link, then you must enter in credentials,
| in order to access the ZMI of which the root folder contains the
| acl_users folder with the LDAPUserFolder configuration.

| Does this tell me that LDAPUserFolder is being handed the
| credentials via apache through some sort of redirect?

No, it means that the index_html object has the View permission
granted to Anonymous.  Therefore zope didn't need you to authenticate
because you already had enough privileges.  The other option is that
your browser remembered your credentials for that site and submitted
them without asking you.

-D

-- 
"...the word HACK is used as a verb to indicate a massive amount
of nerd-like effort."  -Harley Hahn, A Student's Guide to Unix
 
www: http://dman13.dyndns.org/~dman/            jabber: dman at dman13.dyndns.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mail.zope.org/pipermail/zope/attachments/20050712/2c373613/attachment.bin


More information about the Zope mailing list