from base64 import encodestring def cert_auth(self): # certs is a dictionary, holding certificate data as keys # (see cert_var) and zope usernames as values. # Fill this with the data of your users certs={'John Avarage':'john', 'Joe Sixpack':'joe' } # cert_var is the name of the evironment variable used for # checking. cert_var='SSL_CLIENT_S_DN_CN' req=self.REQUEST resp=req.RESPONSE environ=req.environ if environ.get('HTTPS'): # SSL vars present? cn=req.environ.get(cert_var) if cn: # look up a user name from certs uname=certs.get(cn) if uname: # query the underlying acl_users' for a user with this name parent=self.aq_inner.aq_parent while 1: if hasattr(parent,'acl_users'): user=parent.acl_users.getUser(uname) if user: # set basic authentication request vars pw = user.__ ac = encodestring('%s:%s' % (uname, pw)) req._auth = 'basic %s' % ac resp._auth = 1 return if hasattr(parent, 'aq_parent'): parent=parent.aq_parent parent=getattr(parent, 'aq_inner', parent) continue if hasattr(parent, 'im_self'): parent=parent.im_self parent=getattr(parent, 'aq_inner', parent) continue break return