Paul Winkler wrote at 2004-11-29 16:26 -0500:
On Mon, Nov 29, 2004 at 09:51:14PM +0100, Dieter Maurer wrote:
You might use Apache instead for the WebDAV access and use its external authentication to just delegate authentication to Zope.
I've briefly considered this before, but AFAICT all it does is handle authentication, not authorization. In other words, apache will authenticate against zope, but you still need to use .htaccess files to tell apache which users can access which data. Am I wrong?
I do not know. I know only from reading the mailing lists that Apache can delegate authentication to Zope. Maybe, the authentication modul could be extended to return group/role information. Then, an ".htaccess" based on such groups/roles could become feasible. -- Dieter