Hi All!
Well, each user has it's own 'metadata', like a fullname, nickname,
email and etcetera. Some of them a widely-used, some are auth-backend-
specific, like OpenID url in case of OpenID or DN in case of LDAP.
When talking of multy-auth apps, one should take care of that and
decide of a common subset of these fields to have access to them
independenlty from the auth source.
The next question is where to store these fields. Why bother? Imagine
you store some entities in the database, and You wand them to have an
'owner'. A most common approach is to have a relation to the user's
table - that's simple when You have only built-in SQLAlchemy auth.
What should one do if having both SQLAlchemy and LDAP users, or maybe
even OpenID ones? The simplest solution is: at first 'external' login,
fetch the required fields, create a 'dummy' user account and then link
other entities to it. On each next login, just update the fields from
external source, should it be OpenID SREG or LDAP keys. You won't keep
all this data in every table, sure? ;) And You won't query the
external source on every page render.
And, well, You'll probably want to promote some rights for these
external users, via groups or roles. Will You store them in LDAP?
Quite a good idea sometimes (great for a some corporate sites, tightly
integrated with other IT staff), but won't work with OpenID.
And, well, there could be sources with no extended data, like
'login:password' DSV files (htpasswd-like) - no gecos, no groups/
roles.
(well these were not questions, but an invitation to a discussion --
as for me, I'll cache the data in a database, mixing 'real' users with
'external' and keeping 'external' users from logging in locally) But
I'll appreciate other opinions!
--
Sergei
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/turbogears?hl=en
-~----------~----~----~----~------~----~------~--~---
