more about our scenario:
* We must anticipate users at hundreds of locations
* there might be 10 or so users at each location
* permissions can be grouped pretty well into tasks, but are specific to a location - permission to do a task at one location must not mean permission at all locations. To me this suggests several Roles per location, corresponding to the grouped tasks at that location.
* each user might work from several different locations
* each user might need different permissions when working at different locations
* We have multiple applications, not all in zope, so LDAP is looking
With locations, do you mean physical locations of the clients (i.e. IP-adresses), or the locations of objects inside zope (i.e. /department1, /department2 etc.)?
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce