Am i correct to say once a user has logged in using LDAP authentication, a user entry and folder is created within zope/cps ?
If this is the case, then how are the groups stored against a user in a standard zope/cps based authentication scenario?
Is it possible to create/sync all available LDAP groups in zope/cps either at server startup or at some other stage? If not automatable, create the groups in zope/cps manually (i know this is possible :) ).
How about when a user logs in, groups that the user has been assigned to in LDAP are created/sync in zope/cps ? (removing group assignment the no longer belong too )
thoughts anyone?
On 4/19/06, Georges Racinet <[EMAIL PROTECTED]> wrote:
On Apr 19, 2006, at 1:23 AM, Damian Georgiou wrote:
> Hi,
>
> I am currently using CPSLDAP for user authentication but required
> LDAP to store group information. It has been suggested to me that i
> use something else to manage the LDAP group extraction. What should
> i use? (CPSLDAP with ? or another solution altogether)
The main problem lies in cross references. While it's easy to extract
the members of a group from LDAP, it's harder to provide on a
member's entry the list of groups she belongs to (and you can't live
without that). Of course the problem is the same with the current
ZODB/LDAP mixed setup. Take a look in 'members' and 'members_ldap'
schemas, you'll see that there is a read-process-expr doing exactly
that. Of course it's up to you to adapt this right away to a full
LDAP setup, but it's suboptimal (of course this depends on the volume
you're after). If you do this, we'd be happy to include
It would be much better to have your LDAP server do the job. I'm not
knowledgable enough about LDAP, but after a bit of googling, I came
to the conclusion that computed attributes aren't part of the
standard protocol and come as proprietary extensions/plugins. I found
very few info about this overall; please someone correct me if I'm
wrong.
Hope this helps a little bit.
Cheers,
---------
Georges Racinet Nuxeo SAS
[EMAIL PROTECTED] http://nuxeo.com
Tel: +33 (0) 1 40 33 71 73
_______________________________________________ cps-users mailing list [email protected] http://lists.nuxeo.com/mailman/listinfo/cps-users
