[Cubicweb] multiple CubicWeb instances and authentication

aurélien campéas aurelien.campeas at gmail.com
Fri Jul 26 09:45:28 CEST 2013

2013/7/26 Dimitri Papadopoulos Orfanos <dimitri.papadopoulos at cea.fr>

> Hi,

> It have now understood how to have CubicWeb delegate authentication to
> Apache (CubicWeb/trustedauth), and how to have Apache delegate
> login/password management to CubicWeb (Apache/mod_authn_dbd).
> The above works fine in the case of a single CubicWeb instance.
> In the case of multiple CubicWeb instances, how to use the same CWUsers in
> multiple CubicWeb instances? Even putting aside Apache, trustedauth and
> mod_authn_dbd, do we have to delegate authentication to an external
> database such as LDAP? Could we manage CWUsers in a central CubicWeb
> instance that would be somehow used by other CubicWeb instances?

Both ldap and a dedicated instance are a reasonable solution.

ldap pros:
* leverage an existing ldap instance
* already in cubicweb
ldap cons:
* you need to configure it (& know some ldap minutiae)
* group support is a bit fresh (but David knows more about this)

dedicated instance pros:
* you are free from ldap
* may be more flexible and more convenient than setting up an ldap instance
if you don't have one
* you must write a feed parser to synchronize users & groups

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cubicweb.org/pipermail/cubicweb/attachments/20130726/6ce631e0/attachment-0186.html>

More information about the Cubicweb mailing list