Tres Seaver wrote:
Taking HTTP alone, for simplicity of expression; I suppose what I'm asking for is that there are two HTTP servers for one Zope instance. The one on port 80 (for example) only responds to those URLs that are for public viewing. The one on port 8081 (for example) responds to any request that makes sense to map onto an object or attribute.
The same scheme can be applied to FTP -- you choose whether a particular FTP server presents the "public" view, or the "developer" view.
I'm presuming you mean to disallow anonymous access to the "developer" view -- otherwise, you have just transferred the "security-through-obscurity" to another location.
You could. I'd like to do this so that I could block port 8081 (in the example above) at my firewall, or apache config, or whatever. In that way, I get a "neat and tidy" public-viewable website, and a developer site that is viewable only within my network's DMZ. -- Steve Alexander Software Engineer Cat-Box limited