ldap groups <---> ez groups

Previous topic

Suggestions

Next topic

Author	Message
Artturi Markko	Wednesday 03 May 2006 1:11:00 pm Hello, I have setup Ez Publish with authentication against a ldap server. I've read I can put a user from ldap in different groups by using a special attribute on the user ('memberof' for example). That's fine but I think it would also be interesting to use the existing groups defined in ldap by searching in the groups for the use who logs in. I've experienced a setup of Plone which permits that with the module LDAPUserFolder and it's quite impressive. How it could work : 1) in the ldap setup : -configuration of the ldap branch where groups are stored (ou=groups,dc=example,dc=com) - configuration of some mappings ldapGrpsToEzGrps["ldap_grp1"] = myEzGrpForLdapGrp1 2) When the user logs in, a search is performed on "ou=groups,dc=example,dc=com" for groups haing an attribute "member" or "uniquemember" equal to the dn of the authenticated user. If that can be any source of inspiration, here's the python code of LDAPUserFolder.py http://svn.dataflake.org/filedetails.php?repname=DataflakeSoftware&path=%2FLDAPUserFolder%2Ftrunk%2FLDAPUserFolder.py&rev=0&sc=0 Best regards, Artturi
Artturi Markko	Saturday 02 December 2006 12:05:34 pm A reply just for the sake of completeness as the url to this post is mentionned in the Ez 3.9 feature list. If you're interested by this feature, you'll want to read these posts : http://ez.no/community/forum/developer/contrib_ldap_group_mappings http://ez.no/community/forum/developer/pb_with_ldapusermanage_php_on_ldap_contrib Regards, Artturi

Author

Message

Artturi Markko

Wednesday 03 May 2006 1:11:00 pm

Hello,

I have setup Ez Publish with authentication against a ldap server.

I've read I can put a user from ldap in different groups by using a special attribute on the user ('memberof' for example).

That's fine but I think it would also be interesting to use the existing groups defined in ldap by searching in the groups for the use who logs in.
I've experienced a setup of Plone which permits that with the module LDAPUserFolder and it's quite impressive.

How it could work :

1) in the ldap setup :
-configuration of the ldap branch where groups are stored (ou=groups,dc=example,dc=com)
- configuration of some mappings
ldapGrpsToEzGrps["ldap_grp1"] = myEzGrpForLdapGrp1

2) When the user logs in, a search is performed on "ou=groups,dc=example,dc=com" for groups haing an attribute "member" or "uniquemember" equal to the dn of the authenticated user.

If that can be any source of inspiration, here's the python code of LDAPUserFolder.py

http://svn.dataflake.org/filedetails.php?repname=DataflakeSoftware&path=%2FLDAPUserFolder%2Ftrunk%2FLDAPUserFolder.py&rev=0&sc=0

Best regards,

Artturi

Artturi Markko

Saturday 02 December 2006 12:05:34 pm

A reply just for the sake of completeness as the url to this post is mentionned in the Ez 3.9 feature list.

If you're interested by this feature, you'll want to read these posts :

http://ez.no/community/forum/developer/contrib_ldap_group_mappings
http://ez.no/community/forum/developer/pb_with_ldapusermanage_php_on_ldap_contrib

Regards,

Artturi

eZ debug

Timing:	Jan 18 2025 11:06:54
Script start
Timing:	Jan 18 2025 11:06:54
Module start 'layout'
Timing:	Jan 18 2025 11:06:54
Module start 'content'
Timing:	Jan 18 2025 11:06:54
Module end 'content'
Timing:	Jan 18 2025 11:06:54
Script end

Main resources:

Total runtime	0.5738 sec
Peak memory usage	4,096.0000 KB
Database Queries	52

Timing points:

Checkpoint	Start (sec)	Duration (sec)	Memory at start (KB)	Memory used (KB)
Script start	0.0000	0.0060	589.0391	152.6250
Module start 'layout'	0.0060	0.0030	741.6641	39.4453
Module start 'content'	0.0090	0.5635	781.1094	428.3594
Module end 'content'	0.5725	0.0013	1,209.4688	8.1641
Script end	0.5738		1,217.6328

Time accumulators:

Accumulator	Duration (sec)	Duration (%)	Count	Average (sec)
Ini load
Load cache	0.0035	0.6062	16	0.0002
Check MTime	0.0014	0.2513	16	0.0001
Mysql Total
Database connection	0.0009	0.1581	1	0.0009
Mysqli_queries	0.5270	91.8367	52	0.0101
Looping result	0.0005	0.0925	50	0.0000
Template Total	0.5338	93.0	2	0.2669
Template load	0.0030	0.5209	2	0.0015
Template processing	0.5308	92.5057	2	0.2654
Template load and register function	0.0002	0.0415	1	0.0002
states
state_id_array	0.0012	0.2166	1	0.0012
state_identifier_array	0.0009	0.1504	2	0.0004
Override
Cache load	0.0026	0.4462	25	0.0001
Sytem overhead
Fetch class attribute can translate value	0.0014	0.2452	1	0.0014
Fetch class attribute name	0.0016	0.2778	2	0.0008
XML
Image XML parsing	0.0003	0.0538	1	0.0003
class_abstraction
Instantiating content class attribute	0.0000	0.0011	2	0.0000
General
dbfile	0.0007	0.1208	10	0.0001
String conversion	0.0000	0.0012	4	0.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

Usage	Requested template	Template	Template loaded
1	node/view/full.tpl	full/forum_topic.tpl	extension/sevenx/design/simple/override/templates/full/forum_topic.tpl
2	content/datatype/view/ezxmltext.tpl	<No override>	extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tpl
5	content/datatype/view/ezxmltags/paragraph.tpl	<No override>	extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tpl
3	content/datatype/view/ezxmltags/line.tpl	<No override>	design/standard/templates/content/datatype/view/ezxmltags/line.tpl
1	print_pagelayout.tpl	<No override>	extension/community/design/community/templates/print_pagelayout.tpl
Number of times templates used: 12 Number of unique templates used: 5

Time used to render debug report: 0.0001 secs