[Zope-PAS] Id mangling.

Lennart Regebro regebro at nuxeo.com
Thu Sep 9 12:39:11 EDT 2004

Zachery Bir wrote:
> Like I said, our current Shibboleth authentication system does just 
> this. All requests coming into Zope are pre-vetted by Shibboleth, Zope 
> just accepts the credentials, without requiring an enumerator.

But wouldn't you then just have a "whatevah" enumerator? :) Or at least 
let the authenticator also be an enumerator that returns "yes, yes, he 
exists" on everything that is authenticated by itself... :)

And what happens if you DO have an enumerator? Wouldn't this fail 
everytime you try log in with a user that doesn't exist in the enumerator?

Well, in any case, I see that as a special case. Maybe the authenticator 
can prefix the user when it does not require an enumerator, but use the 
enumerator as a prefix otherwise?

More information about the Zope-PAS mailing list