-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Wichert Akkerman wrote:
> There is a bit of an issue here which I have been meaning to discuss: > the IUserAdderPlugin interface is really narrow. When you create users > in LDAP you need to populate the record with enough data to satisfy the > requirements for the choosen objectClass. Since doAddUser only has the > loginname to work with this is only possible in LDAP environments where > the DN is keyed on the chosen login attribute and you do not mind > filling the other obligatory attributes with bogus data. If your LDAP > environment uses another attribute for DN (Active Directory does for > example: it uses cn) it is impossible to create LDAP users using the > IUserAdderPlugin interface. Which is actually fine. We aren't going to be able to come up with a uniform interface for all possible backends; instead, the application which drives user creation is going to need tweaking to accomodate what the backends require. > I would like to see a way to get this fixed in Zope2, preferably in PAS. > If I remember correctly PAU takes a different approach and passes a full > user object to its doAddUser equivalent which guarantees a user creation > plugin always has all user information it might require. Could we extend > IUserAdderPlugin or add a new interface to support this kind of usage? I'd rather punt, as noted above, and have the application talk directly to the plugin (which is what PAU does, actually, I think). I don't see that making PAS a hyper-generic intermediary is a win for this problem. Tres. - -- =================================================================== Tres Seaver +1 202-558-7113 [EMAIL PROTECTED] Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFD0k8e+gerLs4ltQ4RAjVzAJ4k/faNGoFiWuDpoxDValZd6hyyMwCfd86g bBpKdHF3wzZYvr3Lz7BrjXQ= =1JyY -----END PGP SIGNATURE----- _______________________________________________ Zope-PAS mailing list [email protected] http://mail.zope.org/mailman/listinfo/zope-pas
