On Mar 28, 2006, at 1:35 PM, Gary Poster wrote:

On Mar 28, 2006, at 10:43 AM, Pete Taylor wrote:

Hi all,
I've been off working on some other projects recently (zope3 projects,
but none that involved specific logins and users, just data capture
from a public site), and just got back to working with PAU, and had an
interesting scenario presented to me.  I'm trying to sell a
co-developer on zope3, and we were discussing user management, roles,
permissions, etc.

after i finished extolling the virtues of zope3's user management
system, he asked the following question:

say you're operating a site as a portal to some set of functionality.
similar functionality, but with different groups of people accessing
it.  as an example, say different civic groups around town.  the odds
of having a "john smith" at the Civic Media Center and a "john smith"
at Center for Cultural Awareness (I'm making these up ;) ) are, for
our example, very high.  what if we don't want to force each group to
maintain unique logins across the board, since to each unique group,
'jsmith' is a perfectly unique signifier?  what if we want to create
our login schema along the lines of "group, username, pass" instead of
just unique username/pass?  is this feasible?

I can't think of a way to do it, off the top of my head.  I admit, I
need to spend more time thinking about it, but I was wondering if
anyone else has come across anything similar?

There are three elements of the default pau set-up: user id, login, and password. user ids must be unique. *Combinations* of logins and passwords must be unique. In theory, then, you can have

USERID jsmith.cmc LOGIN jsmith PASSWORD 123456
USERID jsmith.cca LOGIN jsmith PASSWORD asdfgh

That's the way I learned it last, anyway. :-)

And yes, by the way, if you wrote your own authentication plugin, you could make the login take whatever authentication tokens you wanted, including login/group/password rather than login/password. This would require building replacements for one of the core plugins, but its eminently doable.

Zope3-users mailing list

Reply via email to