[Zope3-Users] Re: Remote authentication

David Pratt fairwinds at eastlink.ca
Sat May 12 10:56:59 EDT 2007


Hi Maciej. I have been reading quite a bit about CAS today. It looks 
like a good way to go. Couple of questions with how you having it 
working in z2. Are you using LDAP as a user store with CAS. I have 
downloaded a few of the z2 products to study the code in the interim 
since a plugin for z3 would be a good thing. I've got to look at how 
this works with users and groups code particular with additional info 
you need for an app.

Anybody out there interested in helping with something like this? I'm 
likely to start a project for this for z3 package but with zpl or mit 
licensing since something this generic should have few barriers to 
anyone using Yale's system. Many thanks.

Regards,
David



Maciej Wisniowski wrote:
> Hi!
> 
> For single sign on there is also CAS (Central Authentication Service).
> We're sucessfully using this in our Zope2 apps. It has plugin for PAS
> in Zope2 (CAS4PAS). CAS also works with other systems - plugins for
> java, php and other exists.
> 
> Important thing here is to distinguish between authentication and
> authorization. For example SSO like CAS can only tell you if your
> user is authenticated. It won't tell you if he has some permissions
> and/or roles to do something. But with PAS you can write another plugin
> that will set proper roles for user etc.
> 
> 


More information about the Zope3-users mailing list