Erick Mechler wrote:

- user starts at www.mydomain.edu (http) - user goes to www.mydomain.edu/internal which is secure (https) and requires a password for entry - all pages under www.mydomain.edu/internal are secure (https)

I'm having trouble getting this to work with out Zope-ified site, however. What I would like is to have Apache handle all password authentication, and I would like it to happen over ssl. Is this possible at all?

Any help would be appreciated.

Sure. I'm using mod_ssl and apache 1.3.12: My conf is like this: <VirtualHost 216.17.170.666:80> ProxyPass / http://imeme.net:6666/ ProxyPassReverse / http://imeme.net:6666/ </VirtualHost> <VirtualHost 216.17.170.666:443> ProxyPass / http://imeme.net:6666/ ProxyPassReverse / http://imeme.net:6666/ ServerName imeme.net ServerAdmin mindlace@imeme.net ErrorLog /path/to/apache/logs/error_log TransferLog /path/to/apache/logs/access_log SSLEngine on SSLCertificateFile /path/to/apache/conf/ssl.crt/server.crt SSLCertificateKeyFile /path/to/apache/conf/ssl.key/server.key </VirtualHost> I have zope actually running standalone on port 6666. Then I use SiteAccess. The access rule should look like this for you: look for internal, then munge the result to be 0 if not found: <dtml-if "1+(_.string.find(PATH_INFO, 'internal'))"> <dtml-call "REQUEST.set('SiteRootBASE','https://www.mydomain.edu')"> <dtml-else> <dtml-call "REQUEST.set('SiteRootBASE','http://www.mydomain.edu')"> </dtml-if> then you want to put a SiteRoot object in your root folder, leaving everything as per default. As long as your first links to /internal are written as https:// the austhentification should be over ssl. The access rule makes sure any dynamically generated URLs under /internal are written as https:// ~ethan fremen -- http://mindlace.net __________________ mindlace@imeme.net I don't want The Truth but I wouldn't mind a Big Analogy.