Bill wrote:
On another semi-related issue - how does one pass the certificate generated by apache to the Zserver for a kind of "single signon"?
Well, you don't pass the certificate, you pass the certificate information. This is done via environment variables named stuff like SSL_CLIENT_I_DN_CN and other cryptic names, and can only be done with CGI. So you'll need to setup Apache and Zope to use CGI. Luckily, you can use the normal Apache CGI, since the patches made by Zope com are only there to pass http login information, and you don't need that. Then you need to use that information from the SSL_* variables to login. This can be done in various ways, by modyfying the Cookie Crumbler or by making modified versions of the user folder.