[Grok-dev] LDAP authentication and groups

Sebastian Ware sebastian at urbantalk.se
Fri Aug 7 13:25:14 EDT 2009

Great feedback! Please consider updating the main document, I think it  
would useful to have it all in the same place. Note, I don't have an  
answer to your question :) I just want to encourage you to go all the  
way on this one.


If you give me a Launchpad ID I can assign you to the document on  
Launchpad (so you can update the whiteboard when you have done your  
edits). I you don't have edit priveleges on grok.zope.org, drop a mail  
with your grok.zope.org id to Kevin Teague and he can fix this for you.

Mvh Sebastian

7 aug 2009 kl. 10.32 skrev Jeroen Michiel:

> Sebastian Ware wrote:
>> Have you looked at this:
>>   http://grok.zope.org/documentation/how-to/authentication-with-grok
>> Mvh Sebastian
> Yep, and found it very useful to get the authentication going  
> (although
> getting it to work with AD took me a while), but there's no mention  
> of the
> IPrincipalCreated event.
> I think that's a bit of a missing link in the documentation:
> You have a very good explanation about authentication, as you  
> mentioned
> (http://grok.zope.org/documentation/how-to/authentication-with- 
> grok), and
> one about permissions and roles
> (http://grok.zope.org/documentation/tutorial/permissions), but how you
> should couple them together (especially if you authenticate to an  
> external
> server) is still vague (at least to me). There is no mention of the
> IPrincipalCreated event in the docs, unless I missed it.
> I'm willing to make a small Howto on this (assigning roles/ 
> permissions to
> externally authenticated users), if someone can point me in the right
> direction, because I still have a few questions...
> For instance what exactly is the difference between IPrincipalCreated,
> IAuthenticatedPrincipalCreated and IFoundPrincipalCreated?
> Since the latter 2 are derived from IPrincipalCreated,  
> IPrincipalCreated is
> triggered always when a principal is created by a factory. As far as  
> I can
> gather from the zope API docs, IAuthenticatedPrincipalCreated is  
> fired when
> a principal is really authenticated (typically by a user logging is  
> to the
> site and providing his/her credentials), while  
> IFoundPrincipalCreated is
> fired when a user is looked up (in the code) typically by a call to
> getPrincipal on the PAU.
> Is this correct?
> When should you use which?
> Thanks for any advice/ideas!
> -- 
> View this message in context: http://www.nabble.com/LDAP-authentication-and-groups-tp24848493p24860905.html
> Sent from the Grok mailing list archive at Nabble.com.
> _______________________________________________
> Grok-dev mailing list
> Grok-dev at zope.org
> http://mail.zope.org/mailman/listinfo/grok-dev

More information about the Grok-dev mailing list