[Zope] User Authentication Question

[James W. Howe]

One of the requirements of a web site that I'm working on is the ability to 
restrict certain areas of the site to people who have registered with the 
site.  I'm experimenting with GenericUserFolder in an effort to support 
this.  The idea is that the site would use cookie-based authentication and 
the user would login via a registration screen.  I think I understand how 
to do this within Zope.  However, in addition to users accessing the site 
just to view its content, I will also have users accessing the site to 
manage content.  When a user wants to manage content, I would like to 
display a different login screen or use a different login mechanism.  For 
example, I don't want to put my content manager information in my user 
registration database.  My question is this, is there a way to tailor 
authentication based on the type of access a user is asking for?  Is there 
a way to programatically know if a user is accessing management screens 
(there must be, otherwise the whole security mechanism of Zope would 
work).  Where in the Zope code would I look to gain a better understanding 
of how the whole security mechanism works?

Any tips or pointers on this subject would be appreciated.

Thanks.

James W. Howe				mailto:jwh@allencreek.com
Allen Creek Software, Inc.		pgpkey: http://ic.net/~jwh/pgpkey.html		
Ann Arbor, MI  48103