Sachin Shah wrote:
What we are having problems with is getting Apache to authenticate the user BEFORE it redirects to /internal/ in Zope. The other snag: everything under /internal/ is under SSL. One area where we are not certain is if the require user authentication specs should be in LOCATION tags or DIRECTORY tags.
I can't comment too much on your problem, your report, although detailed, still did not show everything, for example, how is it failing? Does Zope show public pages but never lets you authenticate? One thing I noticed is that you want Apache to authenticate, then you try and pass the Auth headers into Zope. You can't have it both ways, either Apache authenticates you (and you are quite crippled in this sense, using the front end web server to do authentication is not desireable at all, and limits what Zope can do to a great extend) or Zope authenticates you. Perhaps I am not completly understanding what you want to do, but I think you might be tackling too many problems at once and your conf file apears to be very complex. First, take out all the Apache auth and SSL and all the other Rewrites and complexity and just get Zope to work with Apache. _Then_ add something else, and get it to work, and so on. Further, you may want to consult the Apache docs and inspect the environment that Apache sets up for PCGI along each step of this process; Apache, for instance, may not set up all of the CGI 1.1 environment variables in a way that makes Zope happy when you use SSL. Or maybe Apache ixnays the Auth header after it does Auth. I couldn't tell you either way. -Michel