On Apr 19, 2006, at 1:23 AM, Damian Georgiou wrote:
Hi,
I am currently using CPSLDAP for user authentication but required
LDAP to store group information. It has been suggested to me that i
use something else to manage the LDAP group extraction. What should
i use? (CPSLDAP with ? or another solution altogether)
The main problem lies in cross references. While it's easy to extract
the members of a group from LDAP, it's harder to provide on a
member's entry the list of groups she belongs to (and you can't live
without that). Of course the problem is the same with the current
ZODB/LDAP mixed setup. Take a look in 'members' and 'members_ldap'
schemas, you'll see that there is a read-process-expr doing exactly
that. Of course it's up to you to adapt this right away to a full
LDAP setup, but it's suboptimal (of course this depends on the volume
you're after). If you do this, we'd be happy to include
It would be much better to have your LDAP server do the job. I'm not
knowledgable enough about LDAP, but after a bit of googling, I came
to the conclusion that computed attributes aren't part of the
standard protocol and come as proprietary extensions/plugins. I found
very few info about this overall; please someone correct me if I'm
wrong.
Hope this helps a little bit.
Cheers,
---------
Georges Racinet Nuxeo SAS
[EMAIL PROTECTED] http://nuxeo.com
Tel: +33 (0) 1 40 33 71 73
_______________________________________________
cps-devel mailing list
http://lists.nuxeo.com/mailman/listinfo/cps-devel
