Am Mittwoch, den 03.08.2005, 21:01 -0300 schrieb Leonardo Rochael
Almeida:
> Hi,
> 
> I've started the lra-userid_username_separation-branch (from
> Zope-2_8-branch to start from a stable point) in order to implement
> proper userid/username separation in Zope.
> 
> I don't intend to change the default user folder implementation, just
> the ZMI interface for owner and local roles so that they keep using
> userid for storage like they currently do but use usernames for display
> (specifically acl_users.getUserById(id).getUserName()). The intent is to
> never leak the userid to the ZMI (except for url query strings and
> such), and to never store the username persistently.
> 
> The motivating usecase is an LDAP (eDirectory) authenticated system
> where the username for a user can change, but not the internal ID (a
> string).
> 
> This will also help ActiveDirectory integration, which also has an
> internal ID to reference users.
> 
> I remember there being a discussion about this in the list archives, but
> a Google search didn't help much.
> 
> Are there any other projects in this area that I should colaborate with
> instead of duplicating efforts?
> 
> Are there any considerations I should be aware of?

Are you aware of the PAS (Pluggable Auth Service) project?

http://cvs.zope.org/Products/PluggableAuthService/

They already have a separation of uid and login.
What this product could use is just some polishing
and a lot of documentation for the users.

All the other things you mention (including a LDAP
plugin) are already done.



_______________________________________________
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Reply via email to