[Zope] LDAPUserSatellite - Misunderstood usage?
Chris Connett
chrisconnett at gmail.com
Sun Oct 3 21:26:49 EDT 2004
On Sat, 2 Oct 2004 19:18:37 +0100, Jens Vagelpohl <jens at dataflake.org> wrote:
*snip*
> > Is there a certain ``id`` that the satellite must have in order to be
> > effective?
> > Right now, with logging on 9, nothing shows up in the log besides the
> > two lines at the end of this message, as if the satellite is being
> > bypassed entirely when authentication happens.
> >
> > Or is there a certain structure that I am not following, i.e. the
> > satellite is sitting inside the actual folders for which I want to
> > give augmented roles. Is this the proper setup?
>
> Yes, this is the proper setup. It is important to note that the
> LDAPUserSatellite only works in conjunction with a LDAPUserFolder, the
> link here is the kind of user object emitted by the LDAPUserFolder.
> Only a user object of class LDAPUser has a specialized "allowed" method
> that tries to find and use LDAPUserSatellite objects to augment its
> roles on a per-request basis.
I took a look at the source and it seems straightforward enough. When
I did a little introspection, I found something that might be a
problem. I created an external method to report the type of the
current user object (needed to be an external method for ``type``),
and for both kinds of users, standard (i.e. admin in the default user
folder), and authenticated out of LDAP, I got::
<extension class Acquisition.ImplicitAcquirerWrapper at 40796180>
so it appears that the users aren't gaining roles because the
``allowed`` method of LDAPUser isn't getting called.
Could this have something to do with it, or am I way off base?
--
Chris Connett
More information about the Zope
mailing list