Mercurial > p > roundup > code
comparison doc/customizing.txt @ 1680:86cc794cc3a0
added simplistic LDAP authentication example
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Tue, 24 Jun 2003 01:34:18 +0000 |
| parents | e2caeaa34ed4 |
| children | 3c3e44aacdb4 |
comparison
equal
deleted
inserted
replaced
| 1679:e2caeaa34ed4 | 1680:86cc794cc3a0 |
|---|---|
| 1 =================== | 1 =================== |
| 2 Customising Roundup | 2 Customising Roundup |
| 3 =================== | 3 =================== |
| 4 | 4 |
| 5 :Version: $Revision: 1.90 $ | 5 :Version: $Revision: 1.91 $ |
| 6 | 6 |
| 7 .. This document borrows from the ZopeBook section on ZPT. The original is at: | 7 .. This document borrows from the ZopeBook section on ZPT. The original is at: |
| 8 http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx | 8 http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx |
| 9 | 9 |
| 10 .. contents:: | 10 .. contents:: |
| 3110 db.close() | 3110 db.close() |
| 3111 | 3111 |
| 3112 And that's it! | 3112 And that's it! |
| 3113 | 3113 |
| 3114 | 3114 |
| 3115 Using an LDAP database for user information | |
| 3116 ------------------------------------------- | |
| 3117 | |
| 3118 A script that reads users from an LDAP store using | |
| 3119 http://python-ldap.sf.net/ and then compares the list to the users in the | |
| 3120 roundup user database would be pretty easy to write. You'd then have it run | |
| 3121 once an hour / day (or on demand if you can work that into your LDAP store | |
| 3122 workflow). See the example `Using a UN*X passwd file as the user database`_ | |
| 3123 for more information about doing this. | |
| 3124 | |
| 3125 To authenticate off the LDAP store (rather than using the passwords in the | |
| 3126 roundup user database) you'd use the same python-ldap module inside an | |
| 3127 extension to the cgi interface. You'd do this by adding a method called | |
| 3128 "verifyPassword" to the Client class in your tracker's interfaces.py | |
| 3129 module. The method is implemented by default as:: | |
| 3130 | |
| 3131 def verifyPassword(self, userid, password): | |
| 3132 ''' Verify the password that the user has supplied | |
| 3133 ''' | |
| 3134 stored = self.db.user.get(self.userid, 'password') | |
| 3135 if password == stored: | |
| 3136 return 1 | |
| 3137 if not password and not stored: | |
| 3138 return 1 | |
| 3139 return 0 | |
| 3140 | |
| 3141 So you could reimplement this as something like:: | |
| 3142 | |
| 3143 def verifyPassword(self, userid, password): | |
| 3144 ''' Verify the password that the user has supplied | |
| 3145 ''' | |
| 3146 # look up some unique LDAP information about the user | |
| 3147 username = self.db.user.get(self.userid, 'username') | |
| 3148 # now verify the password supplied against the LDAP store | |
| 3149 | |
| 3150 | |
| 3115 Enabling display of either message summaries or the entire messages | 3151 Enabling display of either message summaries or the entire messages |
| 3116 ------------------------------------------------------------------- | 3152 ------------------------------------------------------------------- |
| 3117 | 3153 |
| 3118 This is pretty simple - all we need to do is copy the code from the | 3154 This is pretty simple - all we need to do is copy the code from the |
| 3119 example `displaying only message summaries in the issue display`_ into | 3155 example `displaying only message summaries in the issue display`_ into |