Re: [Zope-dev] LDAPUserFolder
On Wed, 1 May 2002, Dirk Datzert wrote: We decide to install only one LDAPUserFolder in the Root-Folder and configure him to do the authentications against LDAP. In the subfolders we want to install 'LDAPUserFolders' which should not be configured again, but use the top-level LDAPUserFolder. In this 'LDAPUserFolders' there would be done the Groups Management on an base of LDAP-Group to Zope-Role mapping. Might the Slave User Folder help you? http://www.zope.org/Members/srichter/Products/SlaveUserFolder Stefan ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] LDAPUserFolder
the LDAPUserFolder-tailored solution is already available: http://www.dataflake.org/software/ldaproletwiddler jens On Friday, May 3, 2002, at 05:00 , Stefan H. Holek wrote: On Wed, 1 May 2002, Dirk Datzert wrote: We decide to install only one LDAPUserFolder in the Root-Folder and configure him to do the authentications against LDAP. In the subfolders we want to install 'LDAPUserFolders' which should not be configured again, but use the top-level LDAPUserFolder. In this 'LDAPUserFolders' there would be done the Groups Management on an base of LDAP-Group to Zope-Role mapping. Might the Slave User Folder help you? http://www.zope.org/Members/srichter/Products/SlaveUserFolder Stefan ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] LDAPUserFolder
Hi Jens, one question about possibilities of LDAPUserFolder: We decide to install only one LDAPUserFolder in the Root-Folder and configure him to do the authentications against LDAP. In the subfolders we want to install 'LDAPUserFolders' which should not be configured again, but use the top-level LDAPUserFolder. In this 'LDAPUserFolders' there would be done the Groups Management on an base of LDAP-Group to Zope-Role mapping. Do you think it is possible to split this feature from LDAPUserFolder (with a little programming) ? Where should I look on programming and what need I take care about ? Regards, Dirk ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] LDAPUserFolder
well, if all the user folders are configured the same way *except* for the groups-to-role bit then you should get the functionality you need. it's not trivial to program something that would allow retrieval of a user object at the root and then somehow mangle the list of roles based on where you are in the site. you might be able to patch the folder class so that local roles are computed instead of just looked up, but that's hackish. jens On Wednesday, May 1, 2002, at 08:32 , Dirk Datzert wrote: Hi Jens, one question about possibilities of LDAPUserFolder: We decide to install only one LDAPUserFolder in the Root-Folder and configure him to do the authentications against LDAP. In the subfolders we want to install 'LDAPUserFolders' which should not be configured again, but use the top-level LDAPUserFolder. In this 'LDAPUserFolders' there would be done the Groups Management on an base of LDAP-Group to Zope-Role mapping. Do you think it is possible to split this feature from LDAPUserFolder (with a little programming) ? Where should I look on programming and what need I take care about ? Regards, Dirk ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] LDAPUserFolder
Jens Vagelpohl schrieb: well, if all the user folders are configured the same way *except* for the groups-to-role bit then you should get the functionality you need. Yes, I expect that. but what if you have 100 user-folders configured and need to change one option ? a lot or work. it's not trivial to program something that would allow retrieval of a user object at the root and then somehow mangle the list of roles based on where you are in the site. What is about the following: Have a central point of Configure, LDAP Schema, Custom Forms for all LDAPUserFolders and Caches, Users, Groups are local ? And do lookups again, not computed. you might be able to patch the folder class so that local roles are computed instead of just looked up, but that's hackish. jens On Wednesday, May 1, 2002, at 08:32 , Dirk Datzert wrote: Hi Jens, one question about possibilities of LDAPUserFolder: We decide to install only one LDAPUserFolder in the Root-Folder and configure him to do the authentications against LDAP. In the subfolders we want to install 'LDAPUserFolders' which should not be configured again, but use the top-level LDAPUserFolder. In this 'LDAPUserFolders' there would be done the Groups Management on an base of LDAP-Group to Zope-Role mapping. Do you think it is possible to split this feature from LDAPUserFolder (with a little programming) ? Where should I look on programming and what need I take care about ? Regards, Dirk ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] LDAPUserFolder
i guess what you would need is an object that looks like a user folder but most calls are redirected to a second, real, user folder. this object would need to implement the typical user folder API and redirect most calls, but override those methods that retrieve/compute the roles for a given user. jens On Wednesday, May 1, 2002, at 08:59 , Dirk Datzert wrote: Jens Vagelpohl schrieb: well, if all the user folders are configured the same way *except* for the groups-to-role bit then you should get the functionality you need. Yes, I expect that. but what if you have 100 user-folders configured and need to change one option ? a lot or work. it's not trivial to program something that would allow retrieval of a user object at the root and then somehow mangle the list of roles based on where you are in the site. What is about the following: Have a central point of Configure, LDAP Schema, Custom Forms for all LDAPUserFolders and Caches, Users, Groups are local ? And do lookups again, not computed. you might be able to patch the folder class so that local roles are computed instead of just looked up, but that's hackish. jens On Wednesday, May 1, 2002, at 08:32 , Dirk Datzert wrote: Hi Jens, one question about possibilities of LDAPUserFolder: We decide to install only one LDAPUserFolder in the Root-Folder and configure him to do the authentications against LDAP. In the subfolders we want to install 'LDAPUserFolders' which should not be configured again, but use the top-level LDAPUserFolder. In this 'LDAPUserFolders' there would be done the Groups Management on an base of LDAP-Group to Zope-Role mapping. Do you think it is possible to split this feature from LDAPUserFolder (with a little programming) ? Where should I look on programming and what need I take care about ? Regards, Dirk ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope ) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] LDAPUserFolder
Hi, how do I replace a acl_users folder in the Root by an working LDAPUserFolder ? Regards, Dirk BEGIN:VCARD VERSION:2.1 N:Datzert;Dirk FN:Dirk Datzert ORG:;Andernach TEL;WORK;VOICE:+49 2631 81 4595 TEL;WORK;FAX:+49 2631 81 15 4595 ADR;WORK:;;Andernach LABEL;WORK:Andernach KEY;X509;ENCODING=BASE64: MIIDVTCCAr6gAwIBAgIPAM2aAkJs9V5JP7ynMA0GCSqGSIb3DQEBBAUAMIG8MQswCQYD VQQGEwJERTEQMA4GA1UECBMHSGFtYnVyZzEQMA4GA1UEBxMHSGFtYnVyZzE6MDgGA1UEChMx VEMgVHJ1c3RDZW50ZXIgZm9yIFNlY3VyaXR5IGluIERhdGEgTmV0d29ya3MgR21iSDEiMCAG A1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMSBDQTEpMCcGCSqGSIb3DQEJARYaY2VydGlm aWNhdGVAdHJ1c3RjZW50ZXIuZGUwHhcNMDExMTEyMTIwMTM1WhcNMDMwMTAyMTIwMTM1WjBp MQswCQYDVQQGEwJERTEQMA4GA1UEBxMHTmV1d2llZDEVMBMGA1UEAxMMRGlyayBEYXR6ZXJ0 MTEwLwYJKoZIhvcNAQkBFiJEaXJrLkRhdHplcnRAcmFzc2Vsc3RlaW4taG9lc2NoLmRlMIGf MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCog/5TyCRdMjACIM/U23qq0n0LUEeb+X3WpIn5 2UHosqQMDdLDEtlUOMSKTrqcsp3lHTOQWwj65/T3cI85brb7PkJDtbCI57MVTtMIKByd946g uIOe6xti0H+lJAscIO1a6FqFjjJLhudWpDqaWgW95qGaFVT1me2xPEaoiampxQIDAQABo4Gq MIGnMDMGCWCGSAGG+EIBCAQmFiRodHRwOi8vd3d3LnRydXN0Y2VudGVyLmRlL2d1aWRlbGlu ZXMwEQYJYIZIAYb4QgEBBAQDAgWgMF0GCWCGSAGG+EIBAwRQFk5odHRwczovL3d3dy50cnVz dGNlbnRlci5kZS9jZ2ktYmluL2NoZWNrLXJldi5jZ2kvQ0Q5QTAwMDAwMDAyNDI2Q0Y1NUU0 OTNGQkNBNz8wDQYJKoZIhvcNAQEEBQADgYEAOHB5sq4AdTAwizcmGPgdnfPo9btBu1d/PRNO D/xoIhXlI4A0ehRZCBGuOup0L78YBj+DZUMDOK3H6+5M8rOfCazkcYlcfdxZ9LeNRkMy+RRx PbmXelKB7UjM6IfJyZiQzm/jTwxFle3L+W8TMSPwmAdTJOo0YkikHCAlxNLMn4w= EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20020430T134023Z END:VCARD
Re: [Zope-dev] LDAPUserFolder
log in with the superuser account (create one using the zpasswd utility if needed), then you can delete the root user folder and create a new one. user folders are one of the few things that can be owned by the superuser. jens On Tuesday, April 30, 2002, at 09:40 , Dirk Datzert wrote: Hi, how do I replace a acl_users folder in the Root by an working LDAPUserFolder ? Regards, Dirk ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
