First LDAPUserFolder 2.0 beta released
The LDAPUserFolder product provides a Zope user folder implementation that can authenticate users with the help of a LDAP directory. It has a full range of record management tools and uses caching of LDAP data to improve responsiveness.
Version 2.0 represents a major code base refactoring. The main goals were code simplification, cruft removal and improving maintainability for me. While this meant putting the axe to some features it also enabled me to implement some other functionality that would have been much harder to do using the old code.
Every current LDAPUserFolder user is encouraged to try the new version and provide feedback.
Some of the main changes include...
- Deprecation of built-in cookie support. If you need cookies you can install the excellent CookieCrumbler product. See http://www.zope.org/Members/hathawsh/CookieCrumbler for more information.
- Deprecation of ZBabel support. Few people provided any feedback on it and it was a PITA to maintain the translations.
- You can now specify multiple LDAP servers that are used for failover in case the primary server is down.
- The usage of a Manager login can be specified in a more fine-grained fashion so that it is possible to restrict its usage to initial user login only when the user record needs to be looked up.
- A new object called LDAPUserSatellite allows manipulation of roles depending on the context the user is in. Roles can be added by either providing simple mappings (Role X is mapped to roles A, B and C in this context) or by providing another LDAP group record search base to complement the search base used by the LDAPUserFolder itself. This role manipulation can also be done recursively, meaning more than a single LDAPUserSatellite can be applied in a single lookup.
You can find version 2.0 beta1 of the LDAPUserFolder at the usual location at http://www.dataflake.org/software/ldapuserfolder and feedback is welcome in the JTracker set up for it under http://www.dataflake.org/software/tracker .