Logo
Technology switch !

CPSUserFolder Design

Last modified: 05/20/2006 07:46 AM
Revision: cpsuserfolder.txt 30656 2005-12-14 22:48:22Z dkuhlman

Contents

1   Introduction

CPSUserFolder is a user folder designed to work in conjunction with CPSDirectory (and therefore CPSSchemas). Directories are used to describe what are the attributes of a user (using a schema) and where they are stored (depending on the type of directory). This is also used for roles and groups, so that, for instance, one can easily add additional properties to groups.

2   Configuration

When configuring a CPS User Folder, you have to specify a number of parameters:

  • Users directory

    The directory that holds the users. It's recommended that it be a directory called 'members', as this name is assumed by CPS in several place.

    The ID of this directory's entries will be the user IDs.

  • Users directory: login field

    The field of the users directory that is used to find users at login time. It may be different that the directory's ID field.

    If it is empty, the directory's ID field will be used.

  • Users directory: roles field

    The field of the users directory that holds the roles of the user.

  • Users directory: groups field

    The field of the users directory that holds the groups of the user.

During authentication, the password of an entry will be checked using the directory's API to check authenticated entries. Depending on the directory type, this may be a comparison with an clear text field, or (in the case of LDAP for instance) a specific authentication against the directory's backend.

3   Directories

CPSUserFolder uses heavily the MetaDirectory and StackingDirectory of CPSDirectory. These directories provide a unified view of several other directories, and dispatch requests accordingly. They can also convert attribute names.

The main uses of MetaDirectory in CPSUserFolder are:

  • storing some attributes of an entry in one directory (ex: LDAP for main corporate user information) and other attributes in another directory (example: ZODB for Zope-specific information like 'last_login_time').
  • renaming fields (example: the 'email' field of the directory 'members' actually comes from the 'mail' field of the directory 'members_ldap').

The main use of StackingDirectory in CPSUserFolder is:

  • Having some users stored in one directory and others in another directory (example: aggregation of two LDAP branches).
  • Providing a different view on a directory (example: LDAP, whose ID field is the DN, seen as standard directory whose ID field is an uid).

4   Memberdata Tool

In standard CMF, the memberdata tool exists to hold additional information about users that cannot be stored in the user folder. With CPSUserFolder, it's no longer necessary as a MetaDirectory can be used to dispatch some attributes into the standard storage, and additional attributes (login_time, last_login_time, etc.) to another storage.
This site is powered by CPS, which includes CPSSkins. CPS and its design are Copyright © 2002-2006 Nuxeo SAS.
CPSSkins is Copyright © 2003-2006 Jean-Marc Orliaguet.
powered_by_nuxeo.png