we have Zope 2.6.4 and 2.7.6 with LDAPUserFolder and CookieCrumbler in use.

One of our next goals is to integrate the Single-Sign-On-Ticket feature of

SAP sent a cookie called MYSAPSSO2 which contains a certified signature and
the Login-Name of a user.

Normally the Login-Name will be validated by LDAPUserFolder with password
against LDAP-Directory and the roles of the user will be assigned to the
user object.

We have now an external web-service which can validate the MYSAPSSO2-Ticket
and return the Login-Name.

I'm looking now for the best way to integrate/rewrite
CookieCrumbler/LDAPUserFolder to take the validated Login-Name and read the
roles of the user out of the LDAP-directory.

Any ideas ? Maybe comments by Jens or Shane ?


Geschenkt: 3 Monate GMX ProMail gratis + 3 Ausgaben stern gratis
++ Jetzt anmelden & testen ++ http://www.gmx.net/de/go/promail ++
Zope-Dev maillist  -  Zope-Dev@zope.org
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope )

Reply via email to