Scott's Workblog


    May 05, 2005

    mIDm: The Zope Version

    Stephen Downes has presented his take on a lightweight single sign-on system (mIDm). If you're interested in how the demonstration works in a Zope environment, here's a quick how-to.

    For more information on mIDm, go here.

    First off, we need somewhere to store all these keys. The easiest way is to create a DTML Document object, as we can then just add keys to it as properties. So, create a DTML Document called "sites" in a folder you can acquire.

    Next, we need to create the "idme" Python script to handle key management. The source code should look like this:

    # idme.py
    
    # get the HTTP request and response objects.
    request = container.REQUEST
    RESPONSE = request.RESPONSE
    
    # the "sites" DTML Document; each property maps a site URL to its key
    sites = context.sites
    
    if request.has_key('request'):
        if request['request']=='confirm':
            if request.has_key('site'):
                # validate the handle
                site = request['site']
                handle = sites.getProperty(site)
                if handle:
                    # handle exists
                    RESPONSE.setHeader('content-type', 'text/html')
                    print handle,
                else:
                    # handle doesn't exist
                    pass
            else:
                # no site
                print "No site given"
    else:
        # other actions - create key
        if request.has_key('key') and request.has_key('site'):
            site = request['site']
            key = request['key']
            # changing or adding a property needs a logged-in user
            if sites.getProperty(site):
                sites.manage_changeProperties({site:key})
            else:
                sites.manage_addProperty(site,key,'string')
            # send the browser back to the requesting site
            RESPONSE.redirect(site+"?confirm=yes")
        else:
            print "IDME Python script"
    
    return printed
    
    

    This script should be protected by Zope from anonymous view access, and require a login. This should be automatic, as anonymous users don't have the right to change properties on the 'sites' object.

    That's it. Put the URL for the idme script into your user agent string in Firefox, and you're ready. Check out Stephen's two single sign-on test scripts to see how it works.
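The two branches of the idme script can be exercised outside Zope with a plain Python 3 model. This is an added example, not the original script or Stephen's code: `store`, `logged_in`, `valid_site`, `site_accepts` and the status codes are hypothetical stand-ins, and the remote site's comparison step is an assumption inferred from the confirm branch.

```python
import hmac
from urllib.parse import urlsplit

def valid_site(site):
    """Accept only absolute http(s) URLs with a host and no query string."""
    parts = urlsplit(site)
    return parts.scheme in ("http", "https") and bool(parts.netloc) and not parts.query

def idme(params, store, logged_in):
    """Model of idme: returns (status, body, redirect_location).

    store stands in for the 'sites' properties; logged_in stands in for
    Zope's permission check on changing them (both are assumptions).
    """
    site = params.get("site")
    if "request" in params:
        if params["request"] != "confirm":
            return 200, "", None
        if site is None:
            return 400, "No site given", None
        # Read-only branch: the remote site fetches the stored key.
        key = store.get(site)
        # The original returns an empty page for an unknown site; 404 here.
        return (200, key, None) if key else (404, "", None)
    if "key" in params and site is not None:
        if not logged_in:
            return 401, "", None          # Zope would prompt for a login
        if not valid_site(site):
            return 400, "Bad site", None  # added check, not in the original
        store[site] = params["key"]       # add or overwrite the key
        return 302, "", site + "?confirm=yes"
    return 200, "IDME Python script", None

def site_accepts(issued_key, confirm_response):
    """Assumed remote-site check: issued key must equal the key idme returns."""
    status, body, _ = confirm_response
    return status == 200 and hmac.compare_digest(issued_key.encode(), body.encode())
```

The model makes the split visible: storing a key fails without a login, while the confirm request succeeds anonymously, which is what the remote site relies on.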
