[triangle-zpug] Remote authentication question

David Chandek-Stark dc at duke.edu
Wed May 11 17:37:37 CEST 2005


Thanks, Geoff. I'm definitely keeping an eye on PAS development. 
However, it's still a bit too cutting edge for my project. I actually 
figured out a way to make RemoteUserFolder work for me. The key was to 
create a folder in the root of Zope, and add a RUF and a Plone site to 
the folder (you could probably replace the default user folder with RUF, 
but that seems a dubious and unnecessary operation). Plone will acquire 
users from RUF (which has a convenient auto-add feature). The last piece 
to complete the picture is to get users to register in the Plone site. 
Registration is necessary to do group management and sharing in Plone. 
Having their names and e-mails is useful too, but you can set dummy 
passwords b/c they will be authenticated by RUF.

Root
|
--- www (Folder)
      |
      --- acl_users (RUF)
      |
      --- Plone site

David

Geoff Davis wrote:
> David,
> 
> You might want to check out PlonePAS -- it's a replacement for GRUF that
> uses Zope Corp's new Pluggable Authentication Service.  My understanding
> is that Plone will probably move to PAS for Plone 2.2, and it appears
> that Enfold Systems is pushing forward the development of PlonePAS as a
> product.  I'm not sure there's a plug-in module for doing Apache
> authentication, but I would imagine that writing one would be pretty
> straightforward (making that kind of thing easy is the whole purpose of
> PAS).  Cameron Cooper could probably give you a few pointers.
> 
> Check out 
> http://www.zopezen.org/Members/jcc/news_item.2005-05-06.4767340553
> 
> Geoff
> 
> On Tue, 2005-04-12 at 12:51 -0400, David Chandek-Stark wrote:
> 
>>[I posted a version of this question to Plone-users, but no one 
>>responded ...]
>>
>>I have access to an external authentication mechanism which I would like 
>>to use in front of my Plone site. Plone should trust that the user whose 
>>name is set in the REMOTE_USER environment variable has authenticated (I 
>>am running Zope under Apache with FastCGI). In theory, this is what 
>>RemoteUserFolder is for. It works fine with Zope, but not Plone w/GRUF 
>>out of the box. I'm not necessarily trying to get RemoteUserFolder to 
>>work, just looking for *any* reasonable way to get Plone to work with 
>>this authentication scenario.
>>
>>Thanks,
>>David
>>
>>_______________________________________________
>>triangle-zpug mailing list
>>triangle-zpug at starship.python.net
>>http://starship.python.net/mailman/listinfo/triangle-zpug
>>
> 
> 
> 
> _______________________________________________
> triangle-zpug mailing list
> triangle-zpug at starship.python.net
> http://starship.python.net/mailman/listinfo/triangle-zpug

-- 
David Chandek-Stark
Web Applications Developer
Duke University - Perkins Library
(919) 660-5859
dc at duke.edu



More information about the triangle-zpug mailing list