Dieter Maurer wrote:
Yes, I understand the alternative to FastCGI, but mod_proxy doesn't pass the required environmental variable REMOTE_USER to zope. I was asking about single sign-on alternatives for Zope.
In principle, the rewrite rules allow to specify environment extensions. When I remember right, you use an "E=..." in the "[P, ...]" to call for such an extension.
Indeed, I also looked into mod_rewrite (which I'm using anyway) and I realised I could put the user id into the URL with %{LA-U:REMOTE_USER}. That's a special case of %{ NAME_OF_VARIABLE }, required because "this variable is set by the authorization phases which come after the URL translation phase where mod_rewrite operates". The problem is that I have no knowledge of zope internals, including VHM. And not much time (or money) to fix it. Any idea if it would be a simple matter of patching RemotUserFolder or would it require additional patching to VHM, etc? If feasible, this could indeed be a nice solution, only with positive impact (get rid of FastCGI). Regards, Fernando