[Zope] Authentication

Jens Vagelpohl jens@zope.com
Mon, 24 Jun 2002 23:25:01 -0400


there is no "script" zope runs and you can't just instantiate a user 
yourself.

one way to do this is find a user folder that uses cookies (or use the 
cookiecrumbler) and then have the other server set a suitable 
authentication cookie that can then be read by the zope instance. cookies 
can be read if, for example, both servers are within the same toplevel 
domain and the cookie is set to contain that domain (not a specific 
hostname) as the entity that set the cookie.

i suggest you read up on cookie usage and using cookie-based user folder 
schemes.

jens


On Monday, June 24, 2002, at 11:15 , William P Hewitt wrote:

> How does one authenticate a user without going through an BASIC
> Authentication challenge screen?
>
> What I would like to do is this:
>
> I have another server that has already authenticated the individual
> making the request. If the request comes to Zope from that machine, I
> have a high degree of confidence that the indvidual in question is who
> they say they are.... I can pass the proper information about the user
> along - if I knew what/how to pass..... Is there some easy way to
> accomplish this?
>
> What I need to know is how does Zope recognize the information being
> sent it, and then assign the proper roles for said individual without
> forcing another login?
>
> I've looked at cookies, authentication headers, certs, etc - but I don't
> seem to understand what Zope does with this information when it receives
> it. Can anyone tell me what script Zope runs to set up the roles or how
> I might set them myself?
>
> TIA
>
> WPH