[EMAIL PROTECTED] a écrit :
Hi,
I managed to develop my own directory which is able to search upon a
home-made web-service. Now i want to do it authentication for all
members. For security reason, i'm not able to catch the userPassword
field from the web service. Instead, i have an "authenticate" method
that returns either the user that has succeed authentication or False.
LDAPBackingDirectory's storage adapter from trunk also filters out the content
of the password field for the same reason (passwords are hased most of the time
on LDAP servers anyway). Accessing the password value is not required if you're
web service is able to reply if a pair of login/password do match.
I defined the isAuthenticating method that always returns True in my
IUADirectory class. I didn't touch th getEntryAuthenticated method from
the LDAPDirectory.
You should not use the LDAPDirectory as a model since it is now deprecated.
You'd better take the following directories as model:
- ZODBDirecory (local storage)
- LDAPBackingDirectory / SQLDirectory (External storage directories)
- MetaDirectory / StackingDirectory (Virtual directories)
But it appears that the searchIUA method is never called with a password
as a parameter. Is it because the authentication never pass by my
directory or did I miss something ?
What is the searchIUA method?
--
Olivier
_______________________________________________
cps-devel mailing list
http://lists.nuxeo.com/mailman/listinfo/cps-devel
