[Zope] APACHE SSL AND ZOPE....
Lennart Regebro
lennart@regebro.nu
Tue, 03 Jun 2003 11:18:11 +0200
Bill wrote:
> On another semi-related issue - how does one pass the certificate
> generated by apache to the Zserver for a kind of "single signon"?
Well, you don't pass the certificate, you pass the certificate
information. This is done via environment variables named stuff like
SSL_CLIENT_I_DN_CN and other cryptic names, and can only be done with
CGI. So you'll need to setup Apache and Zope to use CGI. Luckily, you
can use the normal Apache CGI, since the patches made by Zope com are
only there to pass http login information, and you don't need that.
Then you need to use that information from the SSL_* variables to login.
This can be done in various ways, by modyfying the Cookie Crumbler or by
making modified versions of the user folder.