Felix Ulrich-Oltean writes:
... Our site is served by Zope, as well as PHP and Perl - the entry point is in PHP - i.e. login screens, general stuff. By the time someone gets to the Zope pages, they should be already logged in. I've looked at both exUserFolder and SimpleUserFolder, but I still cannot see how to intercept the request before the UF presents the user with a login screen / HTTP basic auth dialog. Most cookie user folders allow the customization of the login dialog. Make it a redirect to a page that handles your global (for PHP, Zope, ...) login.
This may pop up a login dialog or perform an automatic login based on already available login information. The login action is expected to have some variables (e.g. "__ac_name" and "__ac_password"). Let your login page come back with these variables set -- voila. As an alternative, you can Zope tell to not make its own authentication but use what is already available. I never used this myself but read about it in a document about Web-Server/Zope integration. It is detailed there for the case that the Web Server does the authentication. Look into the "doc" subdirectory of your Zope distribution. Dieter