Hi-- I was poking my head in from Plone and saw this thread. We in the Plone community definitely want to work with other projects on shared infrastructure. With Zope 2 doing so can be a bit of a pain, but now that we are moving to Zope 3, code sharing should be pretty simple. Zope 3 makes it very easy to adapt standalone code for use in Zope, and, conversely, makes it easy to write Zope 3 code that exists in a useful state outside of Zope 3. So yes, by all means, we encourage you to take a look at some of Zope's authentication solutions.
The current best practice Zope 2 authentication is done by a fairly new package called PluggableAuthService (PAS). I haven't used it myself, but my understanding is that it is a very nice piece of work. The PAS source is here: svn://svn.zope.org/repos/main/PluggableAuthService/trunk and there is a news group on gmane.org about PAS (comp.web.zope.pas). People have started writing all sorts of PAS plug-ins (LDAP, Active Directory, etc). Zope 3 uses something called PAU (pluggable authentication utility) that I am less familar with. Geoff
