On Fri, 15 Dec 2000, Mayers, Philip J wrote:
> We've got a bespoke application for storing our (very large) user account
> database here. One field a user can have is a crypted unix password (which
> I'm currently using to authenticate users). The other thing that can exist
> is the Subject or SubjectAltName of an SSL certificate suitable for client
> web authentication.
> Apache will validate the certificate for me (by passing a valid CA cert to
> it's configuration) and I'm running over PCGI, so by the time we get into
> Zope, we can "TRUST" the SSL_CLIENT_S_DN and SSL_CLIENT_I_DN values passed
> in. What's the next step?
What might possibly help you:
* Look into mod_ssl's FakeBasicAuth feature
* Look at those How-Tos:
Zope maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -