On Fri, Dec 15, 2000 at 11:42:23AM -0000, Mayers, Philip J wrote:
> How would I go about making LoginManager authenticate them on the basis of
> the certificate subject?
> Apache will validate the certificate for me (by passing a valid CA cert to
> it's configuration) and I'm running over PCGI, so by the time we get into
> Zope, we can "TRUST" the SSL_CLIENT_S_DN and SSL_CLIENT_I_DN values passed
> in. What's the next step?
ZServerSSL did this with Zope in "remote user" mode.
Upon successful client cert verification, ZServerSSL maps the subject
DN to a Zope username and sets REMOTE_USER accordingly. Zope's
REMOTE_USER machinery took care of the rest.
This was on 2.1.x. I've not had time to test ZServerSSL with 2.2.x.
ZServerSSL is here:
Ng Pheng Siong <[EMAIL PROTECTED]> * http://www.post1.com/home/ngps
Zope maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -