You are not logged in Log in Join
You are here: Home » Members » zhivago » SSLCertAuth » SSL Certificate Authenticator Product » ReadMe » View Document
Log in
Name

Password

 
Link icon Forgot your password?
Print

ReadMe

This product released under the GPL.

With this product you can authenticate some users by SSL client certificates. This product was inspired by the cookie crumbler product from the CMF. At every request it checks whether a certificate is presents. If so, it looks up a user name for the certificate data. If a user name found, the underlying acl_users objects are querried for a user object with the name. Finally the basic authentication vars are set with the user's data. If no username or user object found, things work as usual.

Setup

You need to set up Apache to do certificate checking. Read my How-To at http://www.zope.org/Members/zhivago/SSLCertAuth/How-To_SSLCertAuth Untar the archive to your Zope's Product directory, and restart it. Add an SSL Certificate Authenticator instance to the folder you want certificate authentication. On the Edit page insert the certificate data for the users. The checked certificate field can be selected on the Properties page.

Drawbacks

At every request acl_users objects are querried twice. Once by the product, and second by validate. To avoid this, use my LoginManager loginmethod for ssl authentication.
Copyright (c) 2011 Zope Foundation. All rights reserved. Legal | Contact
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)