[Zope] User authentication via relational database

Cliff Ford Cliff.Ford at ed.ac.uk
Sun Oct 17 01:45:57 EDT 2004


You can use exUserFolder, which can interface to a number of databases.

The user's roles come from the ROLES column of a database table. You 
should not create 4 users in Zope, just create the roles with the 
required permissions. Try this is in a sub-folder first because it is 
easy to lock yourself out of Zope when you don't understand exactly what 
you are doing.

Cliff

Hermann Himmelbauer wrote:
> Hi,
> I need to authenticate users against a relational database and after that give 
> them rights to Zope. I have still problems understanding the underlying Zope 
> concepts, perhaps you can give me some hints.
> 
> My case is quite simple: My system design has 4 roles: "anonymous", 
> "customer", "member" and "director". When people log on to the system, their 
> login/pass is checked with a relational database and then the user is 
> associated with one of these roles.
> 
> It would be ideal to map those roles to Zope, so that I can limit access to 
> certain functions directly with Zope. But how could I do that?
> 
> I thought about it like that: In Zope, I create 4 users, and give each of 
> these users an appropriate Zope role. If someone logs in the userid/pass is 
> then checked with the relational database and after that the user is somehow 
> logged into Zope as one of these 4 users accordings to the rights set in my 
> database. For limiting access I would then adapt the security of certain Zope 
> objects.
> 
> Will this concept work with Zope? What would I have to do? Or is there perhaps 
> a better solution to my problem?
> 
> Best Regards,
> Hermann
> 


More information about the Zope mailing list