[Zope] Authentication from within External Methods

Marc O. Sandlus marc@sandlus.de
11 Feb 2002 21:04:27 +0100


On Mon, 2002-02-11 at 19:00, Dario Lopez-K=E4sten wrote:

Hello Dario,

thanks for your quick reply.

> These options exist, afaik:
>=20
> * Using exUserFolder you can write an "authentication source" that
>   will let you do this within the exUserFolder framwork.
>=20
> There are several more user-folder replacements, LoginManager is another,
> for instance.
>=20
> * Write your own usermanagement parallel to zope's and mimicking
>   the API you can do this both with external methods and Python-
>   Scripts. You won't be able to use these users to in the zope
>   management interface, though.

I don't really want to reinvent the wheel and implement my own
usermanagement (because then I prefer php which is not so awkwardly
documented...)

I want to use Zope's (the CMF's, that is) user management, so I thought
there must be a way to make sure that only an authenticated user (with a
given role) calls an External Method. Since I couldn't find any
Permission Settings for External Methods which could disallow specific
users calling them, I wonder about Zope security.

Would appreciate any help...

Regards,
Marc