[Zope] Zope LDAP Products available (v0.1)

[Anthony Baxter]

>>> Michel Pelletier wrote
> We here at DC (well, I'm out of the office this week, but I'm there
> virtualy) have been kicking around an LDAP authentication mechanism,
> probably a folderoid, to go against LDAP.  In fact, this was supposed to
> be one of my projects when I get back next week.  From the details below
> it looks like you have thought this out well, I didn't even consider
> making an API of methods like XSQL methods, good idea!

It's on the list. I was originally going to write a simple LDAP auth
object, then thought about it a bit more and realised a generic interface
into LDAP would be more useful, then I can bolt the auth on top.

> > In ZLDAPconn:
> > . Anything other than simple_bind(who, passwd) for connecting to the 
> >     LDAP server
> That's where we want to start...

The way I figure it, I'll support this first. If/when someone needs 
something else, I'll look at supporting that.

> Under the catagory 'result caching' you might want to consider making some
> kind of Connection Manager in your LDAP Connection.  A model I've been
> kicking around is a CM class that manages Connections and uses a simple 
> caching algoritm.  

Not quite sure what you're getting at here :)

> Wrapping all of the API in a class will also help yu 
> when you want to break out the LDAP stuff and stick it in shared.  In
> this way, it becomes a sort of 'Device Driver' (to use Ken's
> terminology) for the entire Zope system.  

Hm. The LDAP connection already is a class. It's as much a device driver
as the current Database Adaptors.

> We're going to be doing this
> with the IMAP functionality that NotMail uses.  I'm assuming what
> you call an LDAP connection is like a Database Adapter is to ZSQL methods.
> Maybe you might want to consider calling these LDAP Adapters.

Good point. Next version, they'll be called that. (I figure I'm allowed
to make changes like this between versions 0.1 and 0.2 :)


> The etcUserFolder product has a settable property to change the 'default
> role' that the users are given.  You can check it out from the download
> page, it is also in cvs under Packages/Products/etcUserFolder

That and maybe allowing a mapping for any organizationalRole that 
the users have. More useful for the "lecturer", "student" type
roles.

> I'd have to look at the code, I'll get back to you. (hey paul, I need a
> laptop!)

Yeah, Paul, get the boy a laptop. :)

> > I had planned to get variable interpolation working tonight, but decided I'd
> > rather get an early night. Probably tomorrow evening, instead. Stuff I hope
> > get going in the next day or so: variable interpolation, pluggable brains.
> > 
> Don't hurt yourself.  It looks like you got this down pretty good, I'll
> proablby be looking into incorporating much of this if not all into Zope,

I've got variable interpolation _mostly_ working. For some reason, though,
it doesn't pick up all the namespaces - I'm probably just not using 
the document templates right. I'm going to add DTML interp. to both the
filters and to the baseDN.

Depends on my supply of round tuits - I might get the pluggable brains
also working shortly. I kinda see how they work now.

> want to be in charge of zope LDAP?  We can give you an area on the site.

Hm - depends if it's easier to get to than my current web site. :)

Anthony

-- 
Anthony Baxter     <anthony@interlink.com.au>   
It's never to late to have a happy childhood.