To move into enterprise market, I think a lot of effort is required to fight the 'J2EE hype'. Most of the companies now would like to hear 'J2EE-compliant' solutions being used by the vendor. They would like an 'open standard' that their future purchases can work with. A non-j2ee solutions provider would need to convince them otherwise (e.g. thru cost-benefit analysis)
I'm not sure much of this has been done formally. There are a few comparisons of Zope with other application servers "floating around" on the Internet. But the responsibility for a "polished" buzzword-compliant cost-benefit analysis would probably fall to you (as the vendor).
Another requirement would be to provide Single Sign-on portal feature to multiple applications, including external apps in other platform (Java, Perl, etc). There will be a need for APIs in the solution to allows external apps to call and authenticate with. Is this currently available in zope?
Yes. Zope has an extensible user authentication, authorization, and management API. For examples of how this can be leveraged, see the LDAPUserFolder and ExtUserFolder products. External apps can communicate with Zope through HTTP or XML-RPC for this purpose. - C