[Zope3-dev] Re: LDAP Authentication source
Philipp von Weitershausen
philipp at weitershausen.de
Mon Jun 28 05:09:26 EDT 2004
Nicolas Évrard wrote:
> Hello,
>
> I'm currently continuing my journey in zope3 and I stumble accross the
> NewPrincipalSource recipe. So instead of copying it verbatim, I tried to
> do a ldap version of this one.
Great! If you think you are ready to share your work, consider
contributing it to the z3 base project, http://codespeak.net/z3/
> I'm now thinking about extending this little product. Adding caching,
> and maybe a specialized principal for ldap.
>
> But I wonder, is it really usefull to add such a specialized principal ?
> Because in a certain sense this kind of code seems neat:
>
> >>> foo = source.getPrincipal('foo')
> >>> print foo.sn
> 'Fee Fi Fo fun for me'
>
> But this king of information is not related to security and might
> (should ?) take place somewhere else.
Indeed, the interface that describes principals, IPrincipal, is only
about security-related information. A good way would probably to have an
extra interface, e.g. ILDAPNode, and adapt principals to it:
>>> foo = source.getPrincipal('foo')
>>> ldap = ILDAPNode(foo)
>>> print ldap.sn
Fee Fi Fo fun for me
The underlying implementation could actually do:
class LDAPPrincipal(object):
implements(IPrincipal, ILDAPNode)
...
If an object is adapted to an interface it already provides, the object
itself is returned...
Philipp
More information about the Zope3-dev
mailing list