Am Mittwoch, den 03.08.2005, 21:01 -0300 schrieb Leonardo Rochael Almeida: > Hi, > > I've started the lra-userid_username_separation-branch (from > Zope-2_8-branch to start from a stable point) in order to implement > proper userid/username separation in Zope. > > I don't intend to change the default user folder implementation, just > the ZMI interface for owner and local roles so that they keep using > userid for storage like they currently do but use usernames for display > (specifically acl_users.getUserById(id).getUserName()). The intent is to > never leak the userid to the ZMI (except for url query strings and > such), and to never store the username persistently. > > The motivating usecase is an LDAP (eDirectory) authenticated system > where the username for a user can change, but not the internal ID (a > string). > > This will also help ActiveDirectory integration, which also has an > internal ID to reference users. > > I remember there being a discussion about this in the list archives, but > a Google search didn't help much. > > Are there any other projects in this area that I should colaborate with > instead of duplicating efforts? > > Are there any considerations I should be aware of?
Are you aware of the PAS (Pluggable Auth Service) project? http://cvs.zope.org/Products/PluggableAuthService/ They already have a separation of uid and login. What this product could use is just some polishing and a lot of documentation for the users. All the other things you mention (including a LDAP plugin) are already done. _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
