[Zope] LDAPUserFolder question
I am using LDAPUserFolder-2.9 with Zope 2.10.6 on Ubuntu 7. It is working well, users can log in and I can map groups to Zope roles. However, I was hoping that I could assign groups local roles, so that I can allow groups to be 'Managers' only in certain sub-folders of our site. Is this possible with LDAPUF, do I need additional packages, have i set it up incorrectly? Thanks for any advice. ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] LDAPUserFolder question
On Jul 8, 2008, at 18:51 , Erik Myllymaki wrote: I am using LDAPUserFolder-2.9 with Zope 2.10.6 on Ubuntu 7. It is working well, users can log in and I can map groups to Zope roles. However, I was hoping that I could assign groups local roles, so that I can allow groups to be 'Managers' only in certain sub-folders of our site. Is this possible with LDAPUF, do I need additional packages, have i set it up incorrectly? Erik, The LDAPUserFolder itself has nothing to do with local roles per se. It also has no concept by itself of groups as Zope knows them in certain applications like Plone. The LDAPUserFolder equates group records in LDAP with roles in Zope, not with groups. You're not providing any information about what your application looks like and what you're trying to achieve, but you may find more functionality (like Zope group support) by using the PluggableAuthService user folder in conjunction with the LDAPMultiPlugins product. jens ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] LDAPUserFolder question
Jens Vagelpohl wrote: On Jul 8, 2008, at 18:51 , Erik Myllymaki wrote: I am using LDAPUserFolder-2.9 with Zope 2.10.6 on Ubuntu 7. It is working well, users can log in and I can map groups to Zope roles. However, I was hoping that I could assign groups local roles, so that I can allow groups to be 'Managers' only in certain sub-folders of our site. Is this possible with LDAPUF, do I need additional packages, have i set it up incorrectly? Erik, The LDAPUserFolder itself has nothing to do with local roles per se. It also has no concept by itself of groups as Zope knows them in certain applications like Plone. The LDAPUserFolder equates group records in LDAP with roles in Zope, not with groups. You're not providing any information about what your application looks like and what you're trying to achieve, but you may find more functionality (like Zope group support) by using the PluggableAuthService user folder in conjunction with the LDAPMultiPlugins product. Thanks for the quick reply. I use PAS, LDAPUserFolder and LDAMPMultiPluggins with Pone and I guess that is the functionality I am looking for with this Zope instance as well; the ability to map groups to local roles, instead of just users to local roles in subfolders and not site-wide (as LDAPUserFolder by itself already allows me to do). I will install those products and see how it goes. ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] LDAPUserFolder Question
Hi, I have LDAPUserFolder 2.6 on Zope 2.9.5-Final. Everything is working as expected, but there is one thing I'm not clear on. I've added uid as User ID to the LDAP Schema, and am using it as the Login Name Attribute. The authentication works flawlessly. Under User ID Attribute I have Canonical Name (cn). That should be returning the full name of the user. However when I use something like: dtml-call expr=REQUEST.set( 'User_Name',REQUEST.AUTHENTICATED_USER.getUserName()) I get the uid and not the cn. Any idea how I can get the cn? Thanks, Sean ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] LDAPUserFolder Question
dtml-call expr=REQUEST.set( 'User_Name',REQUEST.AUTHENTICATED_USER.getUserName()) I get the uid and not the cn. Any idea how I can get the cn? Maybe: REQUEST.AUTHENTICATED_USER.getUserDN() ? Take a look into LDAPUser.py -- Maciej Wisniowski ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] LDAPUserFolder Question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6 Jan 2007, at 00:42, Maciej Wisniowski wrote: dtml-call expr=REQUEST.set ( 'User_Name',REQUEST.AUTHENTICATED_USER.getUserName()) I get the uid and not the cn. Any idea how I can get the cn? Maybe: REQUEST.AUTHENTICATED_USER.getUserDN() ? Take a look into LDAPUser.py getUserDN wont return the cn attribute, it will return the full distinguished name ;) You can use user_object.getProperty('cn'). jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) iD8DBQFFnuYlRAx5nvEhZLIRAiv6AKCmNcKbE1D1bRGCvaGwxBGMS5e9xACgspCj P5StEDSIobv5O62Cq/fi4OU= =ExJy -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )