[Zope] Auto-Login from MS Domain

sean.upton@uniontrib.com sean.upton@uniontrib.com
Fri, 08 Mar 2002 09:21:16 -0800


XUF running on a Unix or NT box will do SMB auth off any NT box in a domain,
but can't do anything as nice as map Domain groups to roles, and dive users
in those groups certain roles, etc.  This is a limitation of the client
library.  The only reasonable workaround if your Zope box runs Unix is
likely something like LDAP (if your network supports it) as a bridge to your
NT Domain info; though if your Zope instance runs on an NT box I think there
are some tools to allow you to do NT Authentication and also Authorization
(map users to roles somehow).

I can say, however, that the XUF SMB Authentication works just fine, and is
easy to set up, provided all you are looking for is Authentication.

The magic IE-specific NTLM-over-HTTP auth mechanism could work, provided you
hacked it into ZServer, becuase it requires a specifc sequence of HTTP
responses and headers...  I've never used this, but found some info at:
http://www.innovation.ch/java/ntlm.html

Sean

-----Original Message-----
From: Andy McKay [mailto:andy@agmweb.ca]
Sent: Friday, March 08, 2002 7:55 AM
To: zope@zope.org
Subject: Re: [Zope] Auto-Login from MS Domain


Doesn't XUF have some way of auth'ing from a Windows domain? I don't know if
you can auto login to a site by magically requesting the network login,
sounds like it would be bit of a security risk...

----- Original Message -----
From: "Chris Withers" <chrisw@nipltd.com>
To: <zope@zope.org>
Sent: Friday, March 08, 2002 4:40 AM
Subject: [Zope] Auto-Login from MS Domain


> Hi All,
>
> Does anyone have any idea how I could get a browser to provide
authentication credentials
> (either basic auth or cookie auth) from the user's Network Login?
>
> This is on Windoze, although I'm not sure of the specifics.
>
> What are the options?
>
> cheers,
>
> Chris
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
>



_______________________________________________
Zope maillist  -  Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )