[Zope-dev] etcUserFolder Product

Michel Pelletier michel@digicool.com
Wed, 3 Mar 1999 15:48:32 -0500


Greetings,

(This is crossposted because it is a product anouncement, and contains
interesting developer pointers)

I've have massaged the source code for UserDb and created a new user
folder products called etcUserFolder.  This products authenticates off
of a flat file of usernames:cryptedpasswords.  If there is anything
trailing the crypted password it is ignored, so any /etc/passwd file
will work.  It is generaly not recommended, however, to use your
/etc/passwd file for security reasons.

This is an unsuported product and has been written because it was asked
for a few times, and I felt the community could use another good example
of writing user folders.  It also shows off cookie authentication which
Brian perfected with UserDb.  Here is the documentation:

etcUserFolder requires a directory called 'etcUsers' in which to place
your file containing the uid:pwd pairs.  This directory may be an
INSTANCE_HOME (typicaly your top level Zope dir), SOFTWARE_HOME
(typicaly 'lib/python') or in the etcUserFolder directory.  Jim wrote a
nifty function called getPath that sniffs all of these places for a
directory and file of your choosing.  This function is included in
etcUserFolder and will be included as a standard function of the next
release.  Other Product authors may find it interesting.

Since the flat file is meant to be b/w compatable with /etc/passwd and
htpasswd style files, there is no Role associated with the users it
authenticates.  You can specify a default role which is, by default,
'etcUser'.

I have not done extensive testing of this, therefore it is a
pre-release.  Please send bug-reports and hopefully a patch to me
(michel@digicool.com)

http://www.zope.org/Download/Prereleases/etcUserFolder/etcUserFolder.tar
.gz



-Michel