damien.metzler at ext.leroymerlin.fr a écrit : > Hi, > > > I managed to develop my own directory which is able to search upon a > home-made web-service. Now i want to do it authentication for all > members. For security reason, i'm not able to catch the userPassword > field from the web service. Instead, i have an "authenticate" method > that returns either the user that has succeed authentication or False. LDAPBackingDirectory's storage adapter from trunk also filters out the content of the password field for the same reason (passwords are hased most of the time on LDAP servers anyway). Accessing the password value is not required if you're web service is able to reply if a pair of login/password do match. > I defined the isAuthenticating method that always returns True in my > IUADirectory class. I didn't touch th getEntryAuthenticated method from > the LDAPDirectory. You should not use the LDAPDirectory as a model since it is now deprecated. You'd better take the following directories as model: - ZODBDirecory (local storage) - LDAPBackingDirectory / SQLDirectory (External storage directories) - MetaDirectory / StackingDirectory (Virtual directories) > But it appears that the searchIUA method is never called with a password > as a parameter. Is it because the authentication never pass by my > directory or did I miss something ? What is the searchIUA method? -- Olivier
Hosting: Nuxeo: Zope service provider