Robert Boyd wrote: > FWIW, my situation is a Shibboleth setup where I wrote a customized > Cookie Crumbler to recognize the identity of an authenticated user > requesting a Zope CMF site. It identifies the principal's user id > through REMOTE_USER. Hmmm, I think what is happening is that Zope's HTTPRequest is grabbing the AUTHORISATION header and processing it, sticking the contents into the _auth attribute. You should probably grab it from here.
Alan _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )