[Zope-CMF] Re: How does Zope know the name of the session cookie it
should refer to?
Laurence Rowe
l at lrowe.co.uk
Thu Apr 10 11:49:53 EDT 2008
Plone from version 2.5 uses PAS PluggableAuthenticationService. IIRC you
give the plugins an order, so if the shibboleth plugin comes before the
cookie auth plugin then it will `win`.
See: http://plone.org/documentation/manual/pas-reference-manual/
Laurence
Alex Man wrote:
> Hi,
>
> My apologies if this isn't the correct mailing list I should post this
> question to. Please let me know if I should post on another list.
>
> I'm using Shibboleth as the authentication system in Plone and is
> wondering how Zope knows the name of the session cookie it should refer to.
>
> First of all, the software I'm using:
>
> * Zope 2.9.8
> * Plone 2.5.5
> * Apache 2.2.6
> * apachepas 1.2
> * ShibbolethLogin 0.6
>
> If a user logs into Plone through the local Plone user account, the
> session cookie Plone refers to is
>
> *__ac
>
> *If a user logs into Plone through Shibboleth, the session cookie Plone
> refers to is
>
> *_shibsession_XXX
>
> *where XXX is a 40-character alphanumeric sequence.
>
> I'm sure something must have told Zope/Plone to refer to the
> _shibsession_XXX cookie instead __ac and I'm wondering how that is done.
>
> Does anyone have any idea/hint on this? I'd appreciate any kind of help.
> Thanks a lot!
>
> Regards,
>
> Alex
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Zope-CMF maillist - Zope-CMF at lists.zope.org
> http://mail.zope.org/mailman/listinfo/zope-cmf
>
> See http://collector.zope.org/CMF for bug reports and feature requests
More information about the Zope-CMF
mailing list