-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

André Roth wrote:

> I need some help understanding the repoze middleware mechanisms.
> 
> Context: I want to write a LDAP Auth and MetaData plugin for repoze.who,
> to be used with Turbogears 2.
> This works so far, but the integration in tg2 does not work as expected,
> since
> the standard sqlalchemy authentication gets completely replaced by the LDAP
> auth. This is not what I want, I need "local" users and groups (admins
> for example)
> in combination with LDAP accounts.
> 
> this is how tg2 is initialized (in prj/config/middleware.py):
> 
>     # This is the standard tg2 app
>     app = make_base_app(global_conf, full_stack=True, **app_conf)
> 
>     # Wrap your base TurboGears 2 application with custom middleware here
>     # This adds the LDAP auth:
>     app = make_who_with_config(app, global_conf,
> app_conf['who.config_file'],
>                                app_conf['who.log_file'],
>                                app_conf['who.log_level'])
> 
> but this seems to override the tg2 auth and metadata providers. only
> what is
> configured in the who.ini is active like that.
> 
> I tried to configure the tg2 auth and metadata providers in the who.ini, but
> without success. It works for authentication with the repoze.who.plugins.sa,
> but this does not provide the necessary metadata for the tg2 groups and
> permissions.
> 
> What would be the way to go ?
> 
> - Configure the whole thing in who.ini and try to extract the IAuthenticator
>   and IMetadataProvider from tg 2
> 
> or:
> 
> - Configure everything in prj/config/middleware.py and try to extract the
>   needed things from make_who_with_config without overriding the existing
>   tg2 IAuthenticator and IMetadataProvider

repoze.who will definietely support the first case, assuming you can
figure out how to identify the "standard" TG2 authenitcator / metadata
providers:  you might need to write thin shims / adapters to "match the
impedences."


Tres.
- --
===================================================================
Tres Seaver          +1 540-429-0999          tsea...@palladion.com
Palladion Software   "Excellence by Design"    http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD4DBQFKoCHB+gerLs4ltQ4RAp5HAKCUQFF26wjM9mqmSa/4RCgYVNYOwQCYw6y4
/YL1JMUAJiSun9UuwSwVeA==
=SkJI
-----END PGP SIGNATURE-----
_______________________________________________
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

Reply via email to