[CPS-users] Re: [CPS-devel] CPSLDAP - Groups not supported - what should i use

Damian Georgiou bachomp at gmail.com
Thu Apr 20 02:35:42 CEST 2006 

Am i correct to say once a user has logged in using LDAP authentication, a
user entry and folder is created within zope/cps ?

If this is the case, then how are the groups stored against a user in a
standard zope/cps based authentication scenario?

Is it possible to create/sync all available LDAP groups in zope/cps either
at server startup or at some other stage? If not automatable, create the
groups in zope/cps manually (i know this is possible :) ).

How about when a user logs in, groups that the user has been assigned to in
LDAP are created/sync in zope/cps ? (removing group assignment the no longer
belong too )

thoughts anyone?


On 4/19/06, Georges Racinet <gracinet at nuxeo.com> wrote:
>
>
> On Apr 19, 2006, at 1:23 AM, Damian Georgiou wrote:
>
> > Hi,
> >
> > I am currently using CPSLDAP for user authentication but required
> > LDAP to store group information. It has been suggested to me that i
> > use something else to manage the LDAP group extraction. What should
> > i use? (CPSLDAP with ? or another solution altogether)
>
> The main problem lies in cross references. While it's easy to extract
> the members of a group from LDAP, it's harder to provide on a
> member's entry the list of groups she belongs to (and you can't live
> without that). Of course the problem is the same with the current
> ZODB/LDAP mixed setup. Take a look in 'members' and 'members_ldap'
> schemas, you'll see that there is a read-process-expr doing exactly
> that. Of course it's up to you to adapt this right away to a full
> LDAP setup, but it's suboptimal (of course this depends on the volume
> you're after). If you do this, we'd be happy to include
>
> It would be much better to have your LDAP server do the job. I'm not
> knowledgable enough about LDAP, but after a bit of googling, I came
> to the conclusion that computed attributes aren't part of the
> standard protocol and come as proprietary extensions/plugins. I found
> very few info about this overall;  please someone correct me if I'm
> wrong.
>
> Hope this helps a little bit.
>
> Cheers,
>
> ---------
> Georges Racinet                        Nuxeo SAS
> gracinet at nuxeo.com                http://nuxeo.com
> Tel: +33 (0) 1 40 33 71 73
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.nuxeo.com/pipermail/cps-users/attachments/20060420/ad6dcd3d/attachment.html

More information about the cps-users mailing list
More information about CPS: CPS project - CVS - API

Hosting: Nuxeo: Zope service provider

This list archive provided by Nuxeo, the leaders of open source ECM. Check out the Nuxeo 5 open source, standards-based ECM project.