How does one authenticate a user without going through an BASIC Authentication challenge screen? What I would like to do is this: I have another server that has already authenticated the individual making the request. If the request comes to Zope from that machine, I have a high degree of confidence that the indvidual in question is who they say they are.... I can pass the proper information about the user along - if I knew what/how to pass..... Is there some easy way to accomplish this? What I need to know is how does Zope recognize the information being sent it, and then assign the proper roles for said individual without forcing another login? I've looked at cookies, authentication headers, certs, etc - but I don't seem to understand what Zope does with this information when it receives it. Can anyone tell me what script Zope runs to set up the roles or how I might set them myself? TIA WPH