Justas: Jeffrey is developing an application called pyquiz to create tests for his students using pyramid. Now, he has this requirement (sorry for flooding):
Jeff Elkner: 1. user points browser at pyquiz Jeff Elkner: 2. clicks "login" Jeff Elkner: 3. types user name and password Jeff Elkner: 4. pyquiz asks ST, is this a valid user? Jeff Elkner: 5. ST says yes or no Jeff Elkner: if yes, user is logged in Jeff Elkner: if no, login fails Jeff Elkner: i don't want to create users in two places Jeff Elkner: and have to make sure they are in sync somehow Jeff Elkner: when a new student is added to ST Jeff Elkner: and put in a section Jeff Elkner: they can log in to pyquiz Jeff Elkner: with no configuration on the pyquiz side I think an easy solution is to create a small XMLRPC method publisher that gets the person and calls checkPassword on it, returning True or False. Then we could create an url for this method like http://server_name/xmlrpc for pyquiz to send its login requests. If pyquiz gets True on the response, then it creates (or looks up) a space in its database for the username. I know a very well designed mechanism should include encryption/decryption for the requests, but these services are going to run on the same server and I'm assuming that's secure enough. Please let me know what you think about this approach. Thanks. Douglas "... allí es cuando te das cuenta que las cosas malas pueden resultar bastante buenas..." - Lionel Messi Por favor, evite enviarme adjuntos de Word, Excel o PowerPoint. Vea http://www.gnu.org/philosophy/no-word-attachments.es.html _______________________________________________ Mailing list: https://launchpad.net/~schooltool-developers Post to : [email protected] Unsubscribe : https://launchpad.net/~schooltool-developers More help : https://help.launchpad.net/ListHelp
