21 Dec
2005
21 Dec
'05
2:17 p.m.
Robert Boyd wrote:
FWIW, my situation is a Shibboleth setup where I wrote a customized Cookie Crumbler to recognize the identity of an authenticated user requesting a Zope CMF site. It identifies the principal's user id through REMOTE_USER. Hmmm, I think what is happening is that Zope's HTTPRequest is grabbing the AUTHORISATION header and processing it, sticking the contents into the _auth attribute. You should probably grab it from here.
Alan