I'm converting a CMF site that uses LDAP authentication to enable authentication from a user's certificate (smart card). I wrote an authN and credentials plugin that works when used against protected content like a folder, that is not a CMF site. It does not work on a CMF site (always directed to login screen).
I need help on how to incorporate it with CMF and its CookieCrumbler. The use case is: user visits CMF site where membership is required, the user's cert is read, compared to the LDAP directory, if the user is found, they are authenticated. There is no challenge seen by the user. If the user doesn't have a smart card, authentication fails over to an LDAPMultiPlugin, which would present the user with a login screen for entering username/password. When I set up my plugin as primary auth handler, a _ZopeId session cookie is issued. I want instead to use the CMF's cookie and session mechanisms. BTW, I am not using Plone, so PlonePAS is out. Thanks for any help. Rob __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas