[Zope] Authentication with cookies instead of browser.
Troy Farrell
troy@entheossoft.com
Thu, 24 Oct 2002 16:21:07 -0500
Take a look at the most excellent (or at least really good) exUserFolder.
http://exuserfolder.sf.net
Troy
Thomas Engel wrote:
> Help please!
>
> I'm building a comprehensive education resource based on Zope for my
> school, and I'm trying to learn Zope internals.
>
> We are running Apache 2.0.43 with mod-Perl 5.8.0 and Zope 2.5.1,
> currently on the same machine. Apache serves some content and uses
> virtual host and proxy for content in Zope with a VirtualHostMonster.
>
> Authentication of protected resources works like this: when a request
> for a protected resource is received, Apache calls a Perl script to
> check a special cookie from the user's browser. The cookie has the user
> name and a hash of several values. If the cookie is absent or invalid,
> the user is directed to a secure campus server which asks for the user
> name and password, authenticates it against a Kerberos system, places
> the cookie and redirects the user back to our site. At that point the
> Perl script finds a valid cookie and allows access.
>
> All of this works perfectly! I can get the cookie in the REQUEST object
> in Zope.
>
> I can populate Zope with users. I would like to use Zope's built in role
> mechanism for permissions.
>
> How can I make Zope get the user name from the cookie instead of from
> the user's browser?
>
> I am happy to subclass existing Python code to make this happen.
>
> I assume that Zope sends a WWW-Authenticate response header to the
> user's browser, but I have not yet been able to find the class that does
> this, and I have not found this question asked before on the lists.
>
> Any knowledge or advice is greatly appreciated.
>
> Thanks in advance,
>
> Tom Engel
>
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope-dev )