[Zope] Zope LDAP Products available (v0.1)

Michel Pelletier mike@icebox.dlogue.net
Tue, 16 Mar 1999 20:40:15 -0600 (CST) 

> 
> 
> Short Version of message: ZLDAPconn-0.1 and ZLDAPMethods-0.1 are now 
> available from http://www.interlink.com.au/anthony/python/
> 
Excellent.

> I'm looking for opinions on the LDAP zope product I've been building.
> 
We here at DC (well, I'm out of the office this week, but I'm there
virtualy) have been kicking around an LDAP authentication mechanism,
probably a folderoid, to go against LDAP.  In fact, this was supposed to
be one of my projects when I get back next week.  From the details below
it looks like you have thought this out well, I didn't even consider
making an API of methods like XSQL methods, good idea!

> Right now, LDAP connections work, LDAP Methods work, but there's still 
> a bit more to do. Right now, the following is unimplemented:
> 
> In ZLDAPconn:
> . Anything other than simple_bind(who, passwd) for connecting to the 
>     LDAP server

That's where we want to start...

> . meaningful doc strings
> 
> In ZLDAPMethods:
> . Pluggable Brains
> . Result Caching
> . Limits on the number of results
> . Variable interpolation in the filters, and in the base DN
> . modify or add queries (only search is supported right now)
> . meaningful doc strings :)

Under the catagory 'result caching' you might want to consider making some
kind of Connection Manager in your LDAP Connection.  A model I've been
kicking around is a CM class that manages Connections and uses a simple 
caching algoritm.  Wrapping all of the API in a class will also help yu 
when you want to break out the LDAP stuff and stick it in shared.  In
this way, it becomes a sort of 'Device Driver' (to use Ken's
terminology) for the entire Zope system.  We're going to be doing this
with the IMAP functionality that NotMail uses.  I'm assuming what
you call an LDAP connection is like a Database Adapter is to ZSQL methods.
Maybe you might want to consider calling these LDAP Adapters.

 > 
> Other stuff:
> . UserLDAP is not finished yet (or released) - the primary issue is the
>     storing of roles and domains. Right now this would have to be some
>     non-standard LDAP attribute... but what should it be? It also probably
>     needs modify and add added to ZLDAPMethods before being really useful.
> 
The etcUserFolder product has a settable property to change the 'default
role' that the users are given.  You can check it out from the download
page, it is also in cvs under Packages/Products/etcUserFolder

> Things I'd like comments on:
> For ZLDAPconn:
>     what other bind methods would you like to see?
> For ZLDAPMethods:
>     how should add/modify/query be distinguished? Separate methods?
> 
I'd have to look at the code, I'll get back to you. (hey paul, I need a
laptop!)

> I had planned to get variable interpolation working tonight, but decided I'd
> rather get an early night. Probably tomorrow evening, instead. Stuff I hope to
> get going in the next day or so: variable interpolation, pluggable brains.
> 
Don't hurt yourself.  It looks like you got this down pretty good, I'll
proablby be looking into incorporating much of this if not all into Zope,
want to be in charge of zope LDAP?  We can give you an area on the site.

> Anyway, ZLDAPconn-0.1 and ZLDAPMethods-0.1 are now available from 
> http://www.interlink.com.au/anthony/python/
> 
> It requires David Leonard's ldapmodule, from 
> http://www.it.uq.edu.au/personal/leonard/dc-prj/ldapmodule/
> 
> It's been tested on Linux 2.2, under Zope 1.10.2 and ZServer. Assuming the
> ldapmodule works on other platforms (it's available in source, and also as
> a windows .pyd) it should work elsewhere, too.
> 
> Anthony
> 
> 
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://www.zope.org/mailman/listinfo/zope
> 
> (For developer-specific issues, use the companion list,
> zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )
>