[Zope] Authentication with IIS

Jens Vagelpohl tommymi@concentric.net
Tue, 21 Dec 1999 11:06:12 -0500


what rob is talking about is an ISAPI IIS filter. as i remember reading some
of those books a year or so ago incoming requests are always routed through
existing ISAPI extensions before hitting the server per se, for this reason
authentication is one of the prominent uses of ISAPI.

an ISAPI filter can basically do anything with the incoming request. it's
just harder to program than other solutions. if you have visual c++ version
5 or higher the wizards have an option to produce a skeleton ISAPI DLL that
you can extend.

hth

jens



> -----Original Message-----
> From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Rob
> Page
> Sent: Tuesday, December 21, 1999 06:38
> To: 'Toby Dickenson'
> Cc: 'zope@zope.org'
> Subject: RE: [Zope] Authentication with IIS
>
>
> > > This question has been asked several times already, and the
> > > answer is always the same:
> > >
> > > Q: How to to interface Zope with IIS
> > > A: turn off challenge/response authentication and turn on basic
> > > authentication for Zope to handle authentication
> > >
> > > *BUT* I want IIS to handle authentication, and give Zope the
> > > user's name
> > > through REMOTE_USER.
> > > It seems not to be possible. Has anyone managed to do that?
> >
> > I think you would need to write a user folder to do that.
>
> I don't think this is the only way of accomplishing this (though it
> might be the easiest).  I think you could write (in VC++) an IIS
> "filter" which would (in a similar fashion to the Netscape Enterprise
> Server plugin) 'hijack' the request and stuff the REMOTE_USER into it.
>
> --Rob