On Fri, 15 Dec 2000, Mayers, Philip J wrote:

> We've got a bespoke application for storing our (very large) user account
> database here. One field a user can have is a crypted unix password (which
> I'm currently using to authenticate users). The other thing that can exist
> is the Subject or SubjectAltName of an SSL certificate suitable for client
> web authentication.
> Apache will validate the certificate for me (by passing a valid CA cert to
> it's configuration) and I'm running over PCGI, so by the time we get into
> Zope, we can "TRUST" the SSL_CLIENT_S_DN and SSL_CLIENT_I_DN values passed
> in. What's the next step?

What might possibly help you:

* Look into mod_ssl's FakeBasicAuth feature

* Look at those How-Tos:


Zope maillist  -  [EMAIL PROTECTED]
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-dev )

Reply via email to