i guess what you would need is an object that looks like a user folder but 
most calls are redirected to a second, real, user folder. this object 
would need to "implement" the typical user folder API and redirect most 
calls, but override those methods that retrieve/compute the roles for a 
given user.

jens


On Wednesday, May 1, 2002, at 08:59 , Dirk Datzert wrote:

>
>
> Jens Vagelpohl schrieb:
>
>> well, if all the user folders are configured the same way *except* for 
>> the
>> groups-to-role bit then you should get the functionality you need.
>>
>
> Yes, I expect that. but what if you have 100 user-folders configured and 
> need
> to change one option ?
> a lot or work.
>
>>
>> it's not trivial to program something that would allow retrieval of a 
>> user
>> object at the root and then somehow mangle the list of roles based on 
>> where
>> you are in the site.
>
> What is about the following:
> Have a central point of Configure, LDAP Schema, Custom Forms for all
> LDAPUserFolders and
> Caches, Users, Groups are local ?
>
> And do lookups again, not computed.
>
>>
>>
>> you might be able to patch the folder class so that local roles are
>> computed instead of just looked up, but that's hackish.
>>
>> jens
>>
>> On Wednesday, May 1, 2002, at 08:32 , Dirk Datzert wrote:
>>
>>> Hi Jens,
>>>
>>> one question about possibilities of LDAPUserFolder:
>>>
>>> We decide to install only one LDAPUserFolder in the Root-Folder and
>>> configure him to do the authentications against LDAP.
>>>
>>> In the subfolders we want to install 'LDAPUserFolders' which should not
>>> be configured again, but use the top-level LDAPUserFolder. In this
>>> 'LDAPUserFolders' there would be done the Groups Management on an base
>>> of LDAP-Group to Zope-Role mapping.
>>>
>>> Do you think it is possible to split this feature from LDAPUserFolder
>>> (with a little programming) ?
>>> Where should I look on programming and what need I take care about ?
>>>
>>> Regards,
>>> Dirk
>>>
>
>
>
> _______________________________________________
> Zope-Dev maillist  -  [EMAIL PROTECTED]
> http://lists.zope.org/mailman/listinfo/zope-dev
> **  No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope )



_______________________________________________
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to