From: "Luke Tymowski" <luke@seeto.com>
Is there a way to force Zope to use SSL when a user requests a manage login?
Realize that "a manage login" isn't well defined, unless you're providing the definition. *Any* request can require the "Manager" role, depending on how permissions are set, and conversely you can allow access to "management" URLs to people without "Manager" role. What you probably need is a UserFolder that refuses to authenticate any of its Users unless the access protocol is https. I'm sure that LoginManager can be made to do this. You might also want to try writing an External Method that removes the Basic Auth information from REQUEST if the protocol is wrong, and use it as an Access Rule. Cheers, Evan @ digicool & 4-am