[Zope] LoginManager or exUserFolder

[Dario Lopez-Kästen]

> +-------[ Dario Lopez-Kästen ]----------------------
[...]
> |
> | Hm... that'd be my next ask here at work. I am planning on building a
new
> | Generic SQL auth method that let's you specify what roles there are f=
or
a
> | user using a one to many relationship model (actually a many to many
> | relationship model).

[...]

>
> The problem is keeping it simple enough out of the box, that relative
> newcomers can use it. Trying to explain even more than simple schemas c=
an
> be somewhat difficult at times. People understand having one table with
> everything in it almost immediately.

yeah, that's the hard part. I was thinking of maybe using Gadfly as an
example along with a schematic drawing of why you'd want to do it this or
the other way.

> I have toyed with the idea of also having pluggable Roles sources, sinc=
e
> some (especially remote) AuthAdapters can't natively provide this, and =
so
> there's a gross hack in things like etcAuthSource where roles are store=
d
> as a private property of the user.

hm... this would really be a nice idea I think being more modular... seems
like we are thinking in the same patterns here, perhaps?

I've written up a bit on user management for some internal infrastructure
work we are doing, where we have identified the "services"  we need to have
in order to manage users and accounts and people.

You can find it here

http://www.zope.org/Members/dlkita/user_management

if you have the time to spend, i'd appreciate your comments.

What I want to do is to use Zope to provide the GUI to manage the
infrastructure and as well as fetch the sources for Zope's users _from_ the
infrastructure.

So far it seems that XUF is a perfect fit for it, given a little more
development and testing. An excellent proof of this is Philip Mayers PAM
auth recipe, which is something I'll look into (it solves on big problem for
me: kerberos/dce auth :-)

Thanks,

/dario