[Zope] single sign-on

Fernando Martins fernando at cmartins.demon.nl
Mon Apr 3 16:55:36 EDT 2006


David H wrote:
> Robert,
>
> You can python + COM your way to a browser startup zope/plone login
> screen.  I cannot see how you automate the authentication of a given
> browser instance that is then handed to your users.
>

Hmm, that's not automation in this sense. The user logins into the
workstation (Windows, don't know about unix), the user opens the browser and
accesses an INTRANET page. The browser (IE or Firefox with NTLM setup) will
then send authentication information to the Intranet server using the NTLM
protocol. The web server (Apache with NTLM module) checks with some internal
Domain server and sets the environmental variable REMOTE_USER. This is then
sent to a CGI or FastCGI app (zope with FastCGI).

> Maybe someone will correct this.  If so everyone's happy.

Yes, local Intranet users love this, one less login, automatic recognition,
personalisation, instant gratification,... ;-)

Cheers,
Fernando



More information about the Zope mailing list