[Zope-PAS] Id mangling.
regebro at nuxeo.com
Thu Sep 9 12:39:11 EDT 2004
Zachery Bir wrote:
> Like I said, our current Shibboleth authentication system does just
> this. All requests coming into Zope are pre-vetted by Shibboleth, Zope
> just accepts the credentials, without requiring an enumerator.
But wouldn't you then just have a "whatevah" enumerator? :) Or at least
let the authenticator also be an enumerator that returns "yes, yes, he
exists" on everything that is authenticated by itself... :)
And what happens if you DO have an enumerator? Wouldn't this fail
everytime you try log in with a user that doesn't exist in the enumerator?
Well, in any case, I see that as a special case. Maybe the authenticator
can prefix the user when it does not require an enumerator, but use the
enumerator as a prefix otherwise?
More information about the Zope-PAS