[Zope-CMF] Verifying a user based on __ac and __ac_name

[Tres Seaver]

Gitte Wange wrote:
> Hello,
> 
> I a trying to integrate a payment server into my cmf site.
> When people have ordered their stuff and checked out their items, the
> payment server fetches a specific page from the zope system. This page is a
> reciept.
> Since it's the server that fetched the page, the user is not logged in.
> But I'm sending the HTTP_COOKIE with the request so I have this when the
> payment server fetches the receipt.
> 
> Now I was wondering if I could make some sort of script that looped through
> all the portal member finding a member matching name in __ac_name and
> verifying that the password in __ac is the same as the portal members
> password.
> 
> Any hints on this ?

If you send the cookies with the 'Cookie:' header, then you *will* be
authenticated: that is what the CookieCrumbler does. Perhaps you have
spelled the header name oddly (e.g., 'HTTP_COOKIE' won't work).

Tres.
--
===============================================================
Tres Seaver tseaver@zope.com
Zope Corporation "Zope Dealers" http://www.zope.com