You are not logged in Log in Join
You are here: Home » Members » The Zope presence of Dylan Jay » Remote User Folder

Log in
Name

Password

 
 

Folder icon Remote User Folder

A RemoteUserFolder is used in cases where the Zope installation is behind a webserver which already takes care of authentication. In some cases it makes sense to let the webserver handle the authentication and Zope to handle permissions for those authenticated users. This user folder enables the hand off of all authentication to the remote webserver and you to control the roles of these users once authenticated.

If an object requires more than anonymous permissions then this folder will use the REMOTE_USER environment variable determine the ID of the user that was authenticated. If the ID matches that of a user object contained in the folder then this is the user object that will be used. If the ID does not match then a new user object will be created with no roles (if "auto add" option is turned on). This allows the webserver administrator to have complete control over who is allowed authenticated and the Zope administrator to control what they have access to.

An example of how this might be useful is the use of IIS internal windows authentication. IIS can be set to handle authentication of users against their current windows domain login, thus not requiring any further login to the website. With RemoteUserFolder installed, any user with a domain login will be automatically be a zope authenticated user. In addition with RemoteUserFolder it is possible to set a default set of roles for any user of a particular NT domain.

 Title   Type   Size   Modified   Status 
 0.4 Edit object Software Release   2003-01-08 published
 RemoteUserFolder public release Edit object News Item 1 K 2002-12-22 published