[Zope] Zope, Apache, REMOTE_USER

[Alan Milligan]

Robert Boyd wrote:

> FWIW, my situation is a Shibboleth setup where I wrote a customized
> Cookie Crumbler to recognize the identity of an authenticated user
> requesting a Zope CMF site. It identifies the principal's user id
> through REMOTE_USER.
Hmmm, I think what is happening is that Zope's HTTPRequest is grabbing
the AUTHORISATION header and processing it, sticking the contents into
the _auth attribute.  You should probably grab it from here.

Alan