[kforge-dev] http auth
rufus.pollock at okfn.org
Wed Apr 25 12:12:05 UTC 2007
To follow up John's response ...
Tristan Rivoallan wrote:
> i discovered kforge yesterday and it is definitely what my company needs
> to manage projects (we already have a trac farm, along with some python
> utils for easy deployment).
> Instead of continuing developing our homebrew solution, i would prefer
> to contribute to kforge.
> The critical bit we need and that i could not find in kforge is ldap auth.
The authentication (who you are) and authorization (access control, i.e.
given who you are are you allowed to access/do X) are separated.
Currently access control is handled by:
This in turn uses the base access control functionality provided by
domainmodel (see more on this below):
Authentication (which seems to be what you are after) is currently done
On the 'project' host side of things (i.e. where trac/svn/etc live) we
use a combination of cookie authentication and apache basic auth. Basic
auth code is at bottom of:
You don't really need to worry about that since ultimately all
authentication of users goes through:
kforge.command.PersonAuthenticate(personName, password) which actually
So to get your ldap authentication you'd need to override/replace this
command (or do something in apache so that the username is set when it
comes through to the modpython handlers).
> Is it possible to manage authentification using http auth, while
> delegating perms and prefs management to kforge (as in trac) ?
> All i found on the subject is this thread :
> i still does not understand where the SystemAccessControl class can be
> found :S
It can be found in the domainmodel package:
It is perhaps a little confusing that it is not in KForge but a lot of
common components are factored out into the separate dm package (which
in turn is used by projects other than KForge).
> I would be happy to code that and contribute it back to the project, but
> some pointers would help.
That would be fantastic. Please just ask about anything that isn't clear.
More information about the kforge-dev