Martin Aspeli wrote:
> Hi Rob,
>
>> you don't state how much influence you have over the 'shop'
>> application, but you mention having the site make an HTTP call to
>> Plone so i'm going to assume that it's possible to do some custom
>> coding on that side.
>
> It is. I'm not writing it, but I can ask someone else to do some coding.
> It's not written in Python, though.
>
>> in the OpenPlans stack, which actually consists of several HTTP
>> services all acting as a single 'site', we accomplish something like
>> this by having all of our apps honor Plone's authentication cookie.
>
> Will this not only work if all the apps are on the same domain? The shop
> is hosted on a completely separate infrastructure and will be DNS'd into
> a subdomain.

if it's on a subdomain, you should be fine. if it's on a different domain
altogether, it'd be trickier.

>> we have a custom PAS cookie auth plug-in which creates an auth cookie
>> as a hash of the username and a secret key. all of the apps have a
>> copy of the secret, so they can verify that the cookie is to be
>> trusted. since your apps are going to be on the same domain, you can
>> use a domain wildcard cookie and the remote hosted application will
>> get it.
>
> I see. Any documentation on how those work?

there's not much to document. you just set a cookie and explicitly use
".yourdomain.com" as the cookie domain, rather than the FQDN, which is what
the cookie will default to if you don't specify.

here's the code for the OpenPlans PAS plug-in... this generates the cookie
hash value, and sets two cookies, one for the FQDN and one explicitly set to
the domain that the browser_id_manager specifies, which in our case is
".openplans.org". you can see both cookies in your browser when you're logged
into the site.

http://trac.openplans.org/openplans/browser/opencore/trunk/opencore/auth/SignedCookieAuthHelper.py

hope that's useful,

-r
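The scheme described in the thread, sketched as an added example that is not part of the original messages and is not the OpenPlans plug-in code: one app issues a cookie scoped to ".yourdomain.com" and another app holding the same secret verifies it. The cookie name, the `hex(username):mac` value layout, the secret and the choice of HMAC-SHA256 as the keyed hash are all assumptions of this example.

```python
import hashlib
import hmac
from http.cookies import CookieError, SimpleCookie

SECRET = b"constructed-shared-secret"  # assumption: same value deployed to every app
COOKIE_NAME = "__ac_demo"              # hypothetical cookie name
COOKIE_DOMAIN = ".yourdomain.com"      # wildcard domain, as in the thread


def sign(username, secret=SECRET):
    """Keyed hash of the username (HMAC-SHA256 is this example's choice)."""
    return hmac.new(secret, username.encode("utf-8"), hashlib.sha256).hexdigest()


def make_set_cookie(username, secret=SECRET):
    """Login side: build the Set-Cookie header value for the whole domain."""
    jar = SimpleCookie()
    # Hex-encode the username so it cannot collide with the ':' separator.
    jar[COOKIE_NAME] = username.encode("utf-8").hex() + ":" + sign(username, secret)
    morsel = jar[COOKIE_NAME]
    morsel["domain"] = COOKIE_DOMAIN  # without this the cookie is bound to the FQDN
    morsel["path"] = "/"
    morsel["secure"] = True           # only send over HTTPS
    morsel["httponly"] = True         # keep it away from page scripts
    return morsel.OutputString()


def verify_cookie(cookie_header, secret=SECRET):
    """Remote app side: return the username, or None if the cookie is untrusted."""
    jar = SimpleCookie()
    try:
        jar.load(cookie_header)
        user_hex, _, mac = jar[COOKIE_NAME].value.partition(":")
        username = bytes.fromhex(user_hex).decode("utf-8")
    except (KeyError, ValueError, CookieError):
        return None  # cookie missing or malformed
    expected = sign(username, secret)
    # Constant-time comparison on bytes, so non-ASCII input cannot raise.
    if not username or not hmac.compare_digest(mac.encode("utf-8"), expected.encode("utf-8")):
        return None
    return username
```

In this example the cookie value depends only on the username and the secret, so it stays valid until the secret is rotated, and any app holding the secret can mint a cookie for any user.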