Divorcing WebDNS from itself; integrating into an existing infrastructure.
Augie Schwer
that already had an existing authentication scheme and existing
accounting of customers to domains; thus I wouldn't be using the
'horde_users', 'groups', 'user', and 'domain_in_group' tables; on a
scale of "easy" to "impossible" how difficult do you think this task
would be?
No really; am I setting myself up for failure here?
--
Augie Schwer - Au...@Schwer.us - http://schwer.us
Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE 2AC3 CB99 2784 27B0 C072
Dave Taylor
John, would you like to put in your thoughts on this?
John Morrissey
> Wow. :) I'm going to say that that would be quite difficult indeed.
> Horde is able to use different authenticate types, so you might be able to
> create your own authentication function and have Horde use it. I would
> think the biggest issues would be with permissions. In order to do just
> about anything in WebDNS, the system needs to know your permissions on the
> group that the current zone belongs to. As far as that goes, I would
> think you'd need to make WebDNS check with your system to verify
> permissions. Off the top of my head, I'd say you could do that by
> changing the Auth_sql_webdns::hasPriv function to point to your own
> system. There's most likely more to it also.
You'd probably need to refactor large parts of Auth_sql_webdns, since users
are linked to groups, permissions, etc. by their IDs. It should be possible
to support other authentication systems, but we chose to implement only SQL
because of the additional information WebDNS needs (the aforementioned
permissions, group information, etc.) and it was a lot more work to
implement other backends, since they more or less need to be implemented
from scratch unless they're very SQL-like.
john
--
John Morrissey _o /\ ---- __o
j...@horde.net _-< \_ / \ ---- < \,
www.horde.net/ __(_)/_(_)________/ \_______(_) /_(_)__