[Cubicweb] multiple CubicWeb instances and authentication

aurélien campéas aurelien.campeas at gmail.com
Fri Jul 26 09:45:28 CEST 2013


2013/7/26 Dimitri Papadopoulos Orfanos <dimitri.papadopoulos at cea.fr>

> Hi,
>
>
Hi,


> It have now understood how to have CubicWeb delegate authentication to
> Apache (CubicWeb/trustedauth), and how to have Apache delegate
> login/password management to CubicWeb (Apache/mod_authn_dbd).
>
> The above works fine in the case of a single CubicWeb instance.
>
> In the case of multiple CubicWeb instances, how to use the same CWUsers in
> multiple CubicWeb instances? Even putting aside Apache, trustedauth and
> mod_authn_dbd, do we have to delegate authentication to an external
> database such as LDAP? Could we manage CWUsers in a central CubicWeb
> instance that would be somehow used by other CubicWeb instances?
>

Both ldap and a dedicated instance are a reasonable solution.

ldap pros:
* leverage an existing ldap instance
* already in cubicweb
ldap cons:
* you need to configure it (& know some ldap minutiae)
* group support is a bit fresh (but David knows more about this)

dedicated instance pros:
* you are free from ldap
* may be more flexible and more convenient than setting up an ldap instance
if you don't have one
cons:
* you must write a feed parser to synchronize users & groups

Cheers,
Aurélien.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cubicweb.org/pipermail/cubicweb/attachments/20130726/6ce631e0/attachment-0186.html>


More information about the Cubicweb mailing list