[Zope] some SSL some clear content - needs two zope instances?

[Roman Milner]

Hello.  We are in the process of setting up a Zope site - some of which
requires SSL some does not.  

So, do I need two Zope servers or can I avoid this somehow?  My first
thought was to put all the SSL content in a folder and have all the DTML
methods check the REQUEST['SERVER_PORT'] and makes sure it's 443.  I
don't really know how safe that is as I don't know where SERVER_PORT
comes from - the client or the server?  Anyways, I can't do that for
ZSQL methods or images so that won't work regardless.

So what are my other options?  I was thinking of maybe an SSLFolder
product that won't allow any content to be viewed unless it's coming
in on a given (default 443) port (or maybe some other means of
checking for SSL) Or adding a "Viewable without SSL" permission - but
I really don't know what either of those would entail.

Any suggestions are greatly appreciated.  Especially on a simpler way
to solve the problem without two Zope servers installed.

^Roman