We use Apache proxying to redirect to a local Zope server on one of our machines. I recently turned on Apache basic authentication, and lo-and-behold the Apache credentials get passed in an "Authentication: " header to Zope. Well, this breaks things for us, because Zope prefers the Authentication header to its fallback cookie method for authentication.

I am now searching for a way to strip headers from Apache proxying, or a way to turn off basic authentication for Zope.

Bookmark/Search this post with:

delicious | digg | technorati