[Zope] Single Sign on

Dieter Maurer dieter@handshake.de
Wed, 16 Apr 2003 21:24:38 +0200


David Orr wrote at 2003-4-16 12:11 +0800:
 > I am currently building an intranet utilising Zope/Plone and plan on
 > authenticating users via LDAP (ldapuserfolder).  However I am now expected
 > to implement a "single sign on" system for the company which currently uses
 > NT domains to authenticate users.  

What do you mean by "single sign on"?

I expect you mean "one login for all applications, both Windows
as well as intranet application".

 > Has anybody had any experience in this?  I'm beginning to think that it may
 > be "easier" (short term at least) to just authenticate people via NT domain
 > and drop the ldap.  I will be very grateful for any advice.

When you mean the above, then "LDAP" will not help you.

I know that IE is ready to send the Windows authentication
information when challenged in the correct way.
We use this for our intranet applications.

However, I do not know how to do this with Zope.
Maybe, "NTUserFolder" supports it.


Dieter