[Zope] Zope and Apache (Authentication)
Michel Pelletier
michel@digicool.com
Thu, 02 Sep 1999 13:37:08 -0400
Cobalt maillinglist wrote:
>
> Hi!
>
> I'm using zope 2.0 with apache 1.3.6.
> I can't get the authentication to work. I can access the normal
> directories, but not manage.
>
> I have configured the Rewrite rules in my apache .conf-files. Apache sets
> the following env-variable: (from rewrite log)
>
> 195.10.177.75 - - [02/Sep/1999:19:26:47 +0300]
> [www2.micasolutions.fi/sid#80c6f7c][rid#80d562c/initial] (5) setting env
> variable 'HTTP_CGI_AUTHORIZATION' to 'Basic bWljYTpib3l6Mm1lbg=='
>
> I'm using the following rewrite-rules:
>
> <Directory /home/httpd/html>
> RewriteEngine On
> RewriteCond %{HTTP:Authorization} ^(.*)
> RewriteRule ^Zope/(.*) /cgi-bin/Zope.cgi/$1
> [E=HTTP_CGI_AUTHORIZATION:%1,T=application/x-httpd-cgi,L]
>
> ...
> </Directory>
>
> ExecCGI is on and Zope.cgi is executable.
>
I would suggest using RewriteLog, level 9, to track down the bug.
> How does Zope access the password/user information from the HTTP_CGI_AUTH
> variable, because it's crypted and it doesn't match the password in zope's
> access?
>
It's not crypted, it's base64'ed plain text. Zope's access file is
crypted however, but it can handle that.
-Michel
> contents of access file:
>
> username:{SHA}Ngqe33rRJ5132clVpXf6T+CyMX8=
>
> Kristoffer Michael
>
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://www.zope.org/mailman/listinfo/zope
>
> (To receive general Zope announcements, see:
> http://www.zope.org/mailman/listinfo/zope-announce
>
> For developer-specific issues, zope-dev@zope.org -
> http://www.zope.org/mailman/listinfo/zope-dev )