there is no "script" zope runs and you can't just instantiate a user yourself. one way to do this is find a user folder that uses cookies (or use the cookiecrumbler) and then have the other server set a suitable authentication cookie that can then be read by the zope instance. cookies can be read if, for example, both servers are within the same toplevel domain and the cookie is set to contain that domain (not a specific hostname) as the entity that set the cookie. i suggest you read up on cookie usage and using cookie-based user folder schemes. jens On Monday, June 24, 2002, at 11:15 , William P Hewitt wrote:

How does one authenticate a user without going through an BASIC Authentication challenge screen?

What I would like to do is this:

I have another server that has already authenticated the individual making the request. If the request comes to Zope from that machine, I have a high degree of confidence that the indvidual in question is who they say they are.... I can pass the proper information about the user along - if I knew what/how to pass..... Is there some easy way to accomplish this?

What I need to know is how does Zope recognize the information being sent it, and then assign the proper roles for said individual without forcing another login?

I've looked at cookies, authentication headers, certs, etc - but I don't seem to understand what Zope does with this information when it receives it. Can anyone tell me what script Zope runs to set up the roles or how I might set them myself?

TIA

WPH