Hi Rob,
you don't state how much influence you have over the 'shop' application, but you mention having the site make an HTTP call to Plone so i'm going to assume that it's possible to do some custom coding on that side.
It is. I'm not writing it, but I can ask someone else to do some coding. It's not written in Python, though.
in the OpenPlans stack, which actually consists of several HTTP services all acting as a single 'site', we accomplish something like this by having all of our apps honor Plone's authentication cookie.
Will this not only work if all the apps are on the same domain? The shop is hosted on a completely separate infrastructure and will be DNS'd into a subdomain.
we have a custom PAS cookie auth plug-in which creates an auth cookie as a hash of the username and a secret key. all of the apps have a copy of the secret, so they can verify that the cookie is to be trusted. since your apps are going to be on the same domain, you can use a domain wildcard cookie and the remote hosted application will get it.
I see. Any documentation on how those work?
if you want session timeouts, you could integrate a time component into the hash key generation, something that each side knows to change every 2 hours or so. you can do whatever you want, as long as both apps have all the information needed to generate the hash key.
Cool.
of course, you still have the matter of getting the shop app to redirect to the Plone login page when it needs to present a challenge.
That's ok, I think. They'll just code it that way, and Plone will redirect back using a came_from URL parameter.
as for sharing more detailed member info, HTTP calls back to Plone is probably the way to go. or else use a custom PAS properties plug-in and store the info somewhere else, where the other app might have more direct access.
Cool!

Martin

--
Author of `Professional Plone Development`, a book for developers who want to work with Plone. See http://martinaspeli.net/plone-book
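
The shared-secret cookie with a time component discussed in this thread, sketched as an added example; it is not OpenPlans' PAS plug-in code or anything posted by the participants. It uses HMAC-SHA256 in place of a bare hash of username and secret, and the secret value, cookie layout and function names are assumptions.

```python
import hashlib
import hmac

WINDOW_SECONDS = 2 * 60 * 60         # time component rolls over every 2 hours
SECRET = b"constructed-demo-secret"  # assumption: the secret both apps hold a copy of


def _tag(username: str, bucket: int, secret: bytes) -> bytes:
    # HMAC instead of hash(username + secret): a keyed MAC is not open to
    # length-extension, and the "bucket:username" layout is unambiguous.
    msg = f"{bucket}:{username}".encode("utf-8")
    return hmac.new(secret, msg, hashlib.sha256).hexdigest().encode("ascii")


def make_cookie(username: str, now: float, secret: bytes = SECRET) -> str:
    """Login side (Plone in the thread): build the cookie value."""
    bucket = int(now) // WINDOW_SECONDS
    user_hex = username.encode("utf-8").hex()
    return f"{user_hex}.{_tag(username, bucket, secret).decode('ascii')}"


def verify_cookie(cookie: str, now: float, secret: bytes = SECRET):
    """Consuming side (the shop): return the username if trusted, else None."""
    try:
        user_hex, tag = cookie.split(".")
        username = bytes.fromhex(user_hex).decode("utf-8")
        presented = tag.encode("ascii")
    except ValueError:  # wrong field count, bad hex, bad encoding
        return None
    bucket = int(now) // WINDOW_SECONDS
    # Accept the current and the previous window, so a cookie issued just
    # before a rollover is not rejected seconds later.
    for candidate in (bucket, bucket - 1):
        # compare_digest avoids leaking how many leading characters matched.
        if hmac.compare_digest(presented, _tag(username, candidate, secret)):
            return username
    return None


if __name__ == "__main__":
    t0 = 1_700_000_000  # constructed timestamp
    cookie = make_cookie("rob", t0)
    print(cookie)
    print(verify_cookie(cookie, t0 + 60))                   # 'rob'
    print(verify_cookie(cookie, t0 + 2 * WINDOW_SECONDS))   # None (expired)
```

With this layout a cookie stays valid for between one and two windows; the non-Python shop only needs an HMAC-SHA256 implementation and the same message format to verify it.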
