-----BEGIN PGP SIGNED MESSAGE-----
André Roth wrote:
> I need some help understanding the repoze middleware mechanisms.
> Context: I want to write a LDAP Auth and MetaData plugin for repoze.who,
> to be used with Turbogears 2.
> This works so far, but the integration in tg2 does not work as expected,
> the standard sqlalchemy authentication gets completely replaced by the LDAP
> auth. This is not what I want, I need "local" users and groups (admins
> for example)
> in combination with LDAP accounts.
> this is how tg2 is initialized (in prj/config/middleware.py):
> # This is the standard tg2 app
> app = make_base_app(global_conf, full_stack=True, **app_conf)
> # Wrap your base TurboGears 2 application with custom middleware here
> # This adds the LDAP auth:
> app = make_who_with_config(app, global_conf,
> but this seems to override the tg2 auth and metadata providers. only
> what is
> configured in the who.ini is active like that.
> I tried to configure the tg2 auth and metadata providers in the who.ini, but
> without success. It works for authentication with the repoze.who.plugins.sa,
> but this does not provide the necessary metadata for the tg2 groups and
> What would be the way to go ?
> - Configure the whole thing in who.ini and try to extract the IAuthenticator
> and IMetadataProvider from tg 2
> - Configure everything in prj/config/middleware.py and try to extract the
> needed things from make_who_with_config without overriding the existing
> tg2 IAuthenticator and IMetadataProvider
repoze.who will definietely support the first case, assuming you can
figure out how to identify the "standard" TG2 authenitcator / metadata
providers: you might need to write thin shims / adapters to "match the
Tres Seaver +1 540-429-0999 tsea...@palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Repoze-dev mailing list