Scott's Workblog

scott.bradley.wilson@gmail.com




May 05, 2005

mIDm: The Zope Version

Stephen Downes has presented his take on a lightweight single sign-on system (mIDm). If you're interested in how the demonstration works in a Zope environment, here's a quick how-to.

For more information on mIDm, go here.

First off, we need somewhere to store all these keys. The easiest way is to create a DTML Document object, as we can then just add keys to it as properties. So, create a DTML Document called "sites" in a folder you can acquire.

Next, we need to create the "idme" Python script to handle key management. The source code should look like this:

# idme.py

# get the HTML request and response objects.
request = container.REQUEST
RESPONSE = request.RESPONSE

sites = context.sites

if request.has_key('request'):
    if request['request']=='confirm':
        if request.has_key('site'):
            # validate the handle
            site = request['site']
            handle = sites.getProperty(site)
            if handle:
                # handle exists
                RESPONSE.setHeader('content-type', 'text/html')
                print handle,
            else:
                # handle doesn't exist
                pass
        else:
            # no site
            print "No site given"
else:
    # other actions - create key
    if request.has_key('key') and request.has_key('site'):
        site = request['site']
        key = request['key']
        if sites.getProperty(site):
            sites.manage_changeProperties({site:key})
        else:
            sites.manage_addProperty(site,key,'string')
        RESPONSE.redirect(site+"?confirm=yes")
    else:
        print "IDME Python script"

return printed

This script should be protected by Zope from anonymous view access, and require a login. This should be automatic, as anonymous users don't have the right to change properties on the 'sites' object.

That's it. Put the URL for the idme script into your user agent string in Firefox, and you're ready. Check out Stephen's two single sign-on test scripts to see how it works.
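The other side of the exchange, as an added example that is not part of the original post or of mIDm itself: a Python 3 model of the idme script above, paired with a hypothetical relying site that issues a one-time key and checks it against the confirm reply. The class names, the URLs and the assumption that the confirm lookup is answered without a login are constructed for illustration.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

class IdmeStore:
    """Constructed in-memory stand-in for the idme script and 'sites' object."""
    def __init__(self):
        self.keys = {}  # site URL -> key, like the properties on 'sites'

    def handle(self, query, logged_in):
        p = {k: v[0] for k, v in parse_qs(query).items()}
        if p.get("request") == "confirm":
            # confirm branch: reply with the stored key, or nothing
            return 200, self.keys.get(p.get("site", ""), "")
        if "key" in p and "site" in p:
            if not logged_in:  # assumption: only the logged-in owner may store
                return 401, ""
            self.keys[p["site"]] = p["key"]
            return 302, p["site"] + "?confirm=yes"
        return 200, "IDME Python script"

class RelyingSite:
    """Hypothetical site that checks the visitor controls the idme URL."""
    def __init__(self, url):
        self.url = url
        self.issued = {}  # session id -> key handed to the browser

    def start(self, session, idme_url):
        key = secrets.token_urlsafe(16)  # unguessable, used once
        self.issued[session] = key
        return idme_url + "?" + urlencode({"site": self.url, "key": key})

    def finish(self, session, idme):
        issued = self.issued.pop(session, None)  # pop: a key cannot be replayed
        if issued is None:
            return False
        query = urlencode({"request": "confirm", "site": self.url})
        _, returned = idme.handle(query, logged_in=False)
        # constant-time comparison of the issued key and the confirm reply
        return hmac.compare_digest(issued.encode(), returned.encode())

def run_flow(logged_in):
    idme = IdmeStore()
    site = RelyingSite("https://site.example/login")
    redirect = site.start("sess1", "https://me.example/idme")
    status, _ = idme.handle(urlsplit(redirect).query, logged_in)
    return status, site.finish("sess1", idme)

if __name__ == "__main__":
    print(run_flow(True), run_flow(False))
```

The login succeeds only when the key was stored by someone logged in to the idme host, and each issued key is accepted once.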
