Hash: SHA1

Jeff Peterson wrote:
> Ok,
> After poking around PAS for a while I think I have a bit of a handle on it.
> This seems to be built primarily for managing Zope users.  My solution
> needs to be able to manage a group of existing users not in Zope
> currently.  Is this something that can be done?  I know I can create SQL
> methods to get data but I am not sure I see how I can use the current
> data with this framework.  Can this be used without an actual userObject
> in the user folder?  Can I, for example, use the framework to prompt a
> login, gather the username and password, authenticate it against the sql
> and manage the roles without a userObject in the acl_users folder?  Or,
> if the former is true could they(the userObjects) be created on the fly,
> say on the first login, so that afterward they existed?
> Maybe I am way off base or am misunderstanding something.  Any direction
> would be appreciated.

PAS does not use a persistent user object at all.  One of its plugins
(the ZODBUserManager plugin) stores *data* about a user in the ZODB.
The user object is in fact created for each request, and can be modified
at creation time by any of the properties, groups, or roles plugins.

In your case, you would write an "authentication plugin" which verified
your user's credentials via a ZSQL query, and computed the user's ID
(which would not necessarily be her login name).  After that, other
plugins might add groups, roles, or properties to the 'PropertiedUser'.

- --
Tres Seaver          +1 202-558-7113          [EMAIL PROTECTED]
Palladion Software   "Excellence by Design"    http://palladion.com
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


Zope-PAS mailing list

Reply via email to