Take a look at the most excellent (or at least really good) exUserFolder. http://exuserfolder.sf.net Troy Thomas Engel wrote:
Help please!
I'm building a comprehensive education resource based on Zope for my school, and I'm trying to learn Zope internals.
We are running Apache 2.0.43 with mod-Perl 5.8.0 and Zope 2.5.1, currently on the same machine. Apache serves some content and uses virtual host and proxy for content in Zope with a VirtualHostMonster.
Authentication of protected resources works like this: when a request for a protected resource is received, Apache calls a Perl script to check a special cookie from the user's browser. The cookie has the user name and a hash of several values. If the cookie is absent or invalid, the user is directed to a secure campus server which asks for the user name and password, authenticates it against a Kerberos system, places the cookie and redirects the user back to our site. At that point the Perl script finds a valid cookie and allows access.
All of this works perfectly! I can get the cookie in the REQUEST object in Zope.
I can populate Zope with users. I would like to use Zope's built in role mechanism for permissions.
How can I make Zope get the user name from the cookie instead of from the user's browser?
I am happy to subclass existing Python code to make this happen.
I assume that Zope sends a WWW-Authenticate response header to the user's browser, but I have not yet been able to find the class that does this, and I have not found this question asked before on the lists.
Any knowledge or advice is greatly appreciated.
Thanks in advance,
Tom Engel
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )