[Zope] httpd.conf HELP! please

Michel Pelletier michel@digicool.com
Tue, 14 Mar 2000 09:18:54 -0800


Sachin Shah wrote:
> 
> 
> What we are having problems with is getting Apache to authenticate the
> user BEFORE it redirects to /internal/ in Zope. The other snag: everything
> under /internal/ is under SSL. One area where we are not certain is if the
> require user authentication specs should be in LOCATION tags or DIRECTORY
> tags.
 
I can't comment too much on your problem, your report, although
detailed, still did not show everything, for example, how is it failing?
Does Zope show public pages but never lets you authenticate?

One thing I noticed is that you want Apache to authenticate, then you
try and pass the Auth headers into Zope.  You can't have it both ways,
either Apache authenticates you (and you are quite crippled in this
sense, using the front end web server to do authentication is not
desireable at all, and limits what Zope can do to a great extend) or
Zope authenticates you.  Perhaps I am not completly understanding what
you want to do, but I think you might be tackling too many problems at
once and your conf file apears to be very complex.

First, take out all the Apache auth and SSL and all the other Rewrites
and complexity and just get Zope to work with Apache.  _Then_ add
something else, and get it to work, and so on.  Further, you may want to
consult the Apache docs and inspect the environment that Apache sets up
for PCGI along each step of this process; Apache, for instance, may not
set up all of the CGI 1.1 environment variables in a way that makes Zope
happy when you use SSL.  Or maybe Apache ixnays the Auth header after it
does Auth.  I couldn't tell you either way.

-Michel