[Zope-PAS] plone and openSSO

Kapil Thangavelu hazmat at objectrealms.net
Mon Sep 11 01:59:50 EDT 2006

i had to do this a few months back before sam went opensource. i relied on  
the apache agent to do auth, and had it pass the authenticated user name  
and groups in the request environment. the pas plugin for this (really  
just a generic pass through plugin) is available here.

svn co https://svn.objectrealms.net/svn/public/pasplugins/samagentauth  

implementing a full sam agent in zope is a bit of work, its a big stack to  
do it via the standards based mechanism of webservices. if you really want  
to go down this route and you have libertyalliance support in you sam  
installation, you should check out lasso, which will do some of the heavy  
lifting, but the move to samlv2 pares down the liberty protocols  
responsibilties to just websvcs so it might not be a long term viable  
option. internally alot of the sam agents just use a custom protocol that  
avoids the complexity of the websvc stack.



lasso - http://lasso.entrouvert.org/

On Sun, 10 Sep 2006 19:29:50 -0700, Serge Zagorac  
<Serge.Zagorac at manukau.ac.nz> wrote:

> Hi All,
> Is there a plugin or initiative for authentication plugin between Plone  
> / Zope and openSSO (formerly known as Sun Access manager)  
> https://opensso.dev.java.net/
> I would like to integrate our  plone site into our portal site which is  
> controled by the access manager (openSSO).
> I have been trying to write  the plugin myself but got stuck because I  
> did not know how to access clients (browsers) session cookies with  
> python or zope's api..
> What I would like to do is to get the value of the session cookie the  
> access manager sets in the clients browser upon successful login and  
> then invoke the web service via soap with the cookie value which returns  
> the user name that I will then pass over to Zope.
> However I found this task impossible to do because I was not able to  
> find the way to access client session cookies with python or zope.
> Or I'm wrong...??
> Please help
> Thanks
> Serge
> _______________________________________________
> Zope-PAS mailing list
> Zope-PAS at zope.org
> http://mail.zope.org/mailman/listinfo/zope-pas

More information about the Zope-PAS mailing list