[Zope] Database Access Question

Oliver Bleutgen Oliver Bleutgen <myzope@gmx.net>
Mon, 23 Apr 2001 17:19:31 +0200 

> hi,


> I'm trying to get the Zope zen when it comes to zSql methods and a custom
> user
> folder.  I've got a Win32 application that I'm trying to evolve into a
> combination
> of WebObjects and Zope applications.  I'm hoping to share an
> authentication
> mechanism/scheme between the 3 applications.  The current Win32 app uses a
> combination of database protection and a custom "license" mechanism to
> enable/disable application features based on a user's role.  I need to
> replicate
> this functionality in Zope.

> I would like to have a user folder that authenticates a user based on a
> combination
> of database password (i.e., like the username and password that the
> zODBCDA
> connection uses for the connection string) and a custom users table (if
> the user
> gets that far), and a license file product that sits in the custom user
> folder and
> provides role information.  I've looked at LoginManager and UserDB and
> don't know
> which one to start with, or even if either of them is an appropriate
> launch point.

Hi Chris,

my first idea would be to create the database connections when
the user is created, i.e. in a special per-user folder and hardwire
the db-login and passwd in the database connection.
In the folder above I would use LoginManager (don't know
about UserDB, though). 
LoginManager has a method which is called userAuthenticate
which returns true (or 1) if the user is authenticated.
Use that for checking your users against any datasource you
like, for instance

<dtml-in "SQL_get_password(username=username)"> 
<dtml-if "_.crypt(password,_['sequence-item'].real_password)==_['sequence-item'].real_password">
<dtml-return "_.int('1')">
</dtml-if>
</dtml-in>

for checking against crypted passwords in an external database.

Theres also a Method called userRoles which returns a list
of the roles the users has. This could check your license files
with the help of an external method in order to return the 
appropriate roles which then could be used in zope with custom roles.

cheers,
oliver