Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Version 72 (modified by joey, 13 years ago) (diff)

Delete spam

Identity Management

Here is a Tutorial for getting TurboGears identity management support up and running.

This Tutorial is written from the perspective of a fresh quick-started project

Part I: Identity Basics

A. Quick-Start

To begin with the tutorial, let's quick-start a learning project. Of course, everything you learn in the tutorial applies to existing projects as well.

D. Authenticating against an external password source

In some cases, you may want to authenticate against an external password source, while still using the standard Identity models for storing everything except passwords.

For example, authenticating against an existing Windows/Samba? domain controller means that your users can use the same password for your TurboGears project as they use to log in to Windows. (The same concept applies to LDAP, etc.)

For an example of how to do this, see the attached file "", which subclasses the SQLObject provider, but validates user names and passwords against a Windows domain. It's not a pure SMB provider (only the user names and passwords are checked against the domain controller), so you still have to add users and groups (etc.) to the Identity tables.

For an example of how to validate user names and passwords against an LDAP directory, see "".

As of r1512 (branch 1.0) and r1513 (trunk), a validate_password() method was added to the "SqlObjectIdentityProvider?" object in, making it much simpler to subclass and create your own provider. So if you're running 0.9a6 or before, you'll still need to use "", but if you're running a later release (or svn r1512 or later), you can use "sosmbprovider-(after_r1512).py". (It works the same, but the code is shorter and clearer.)