[Zope] Single authentication for several servers

Jean-Francois.Doyon@CCRS.NRCan.gc.ca Jean-Francois.Doyon@CCRS.NRCan.gc.ca
Fri, 7 Mar 2003 13:10:13 -0500 

I've faced a similar situation (Though not with Zope at all actually) ...

The way I prefered was to set the cookies for both domains in one pass, by
using cascading scripts on each server, so that when you log in to one, it
sets cookies for itself, and then transparently calls a script on the other
site asking IT to set cookies for itself.

This of course depends on both sites using the same cookies, which may or
may not be the case depending on exactly how you authenticate.

But it's an option,

Cheers,
J.F.

-----Original Message-----
From: Thierry FLORAC [mailto:thierry.florac@onf.fr]
Sent: Friday, March 07, 2003 12:57 PM
To: zope@zope.org
Subject: [Zope] Single authentication for several servers



  Hi,

I'd like to setup this environment :
 - I have a first site, handled by Zope, behind an Apache server and rewrite

rules. Authentication on this server is done throught an LDAP server with 
LDAPUserFolder.
 - I have a second site on a different server, handled by Apache+PHP. 
Authentication on this server is done throught the same LDAP server, so with

the same login/password, throught mod_ldap.

My problem is that when I switch from the first server to the second, I'd
like 
to avoid a second authentication. So my idea was to access to server2 
throught "http://www.site1.com/site2", with Apache handling a new rewrite 
rule in proxy mode. Do you think that it should work (I can't test easilly 
before asking you !!)  ??

Of course :
 - I don't have any SSO solution ;
 - I can't rebuild my PHP application with Zope before several months :-((
(but I can update scripts to take the new access path into account).

Thanks for any help or advise.

  Thierry

-- 
  Linux every day, keeps Dr Watson away...
  http://gpc.sourceforge.net -- http://www.ulthar.net

_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )