Before I dive into the Identity framework Jeff Watkins checked in (thanks Jeff!), I figured I'd better ask if anyone's already done this yet.
What I want is to get the answer to "who are you?" from Apache, and let TurboGears answer the question "what are you allowed to do?". I'm working on a project for an intranet site running on Apache. The site already has authentication via HTTP basic auth (over https, naturally), and checks user names and passwords against an LDAP database on the backend. By the time users get to the front page of my TurboGears app, they've already been authenticated, so there's no reason for me to present them with a redundant login page. Basically, I think I want an ApacheIdentityProvider. It would trust the username it gets from Apache, and look up that username against a list of permissions to see what the user is allowed to do. The permissions will probably be group-based, e.g., employees have one set of permissions, managers have another set, and so on. Before I get started on writing this: has anyone else been working on a similar project? How should I get the user from HTTP basic auth? My quick scan of the CherryPy documentation hasn't turned up anything useful, but it's quite possible I've missed something. -- Robin Munn [EMAIL PROTECTED] GPG key 0xD6497014
