From: Oliver Bleutgen <myzope@gmx.net>
Btw. with a small module it's even possible to log the usernames with apache, something medusa isn't capabable of afaik (as of zope version < 2.3).
Cool! What module is this, and how do you use it?
Heh, it's a apache-module written in perl called AuthAny that I leeched somewhere and it's sole purpose is to make apache think there's authentication going on so that he logs the names and to _require_ a username and password, but I think that is easily fixable if you want to allow anonymous logins. I would describe that as a hack, but I wouldn't be able to modify apaches itself for a more "correct" solution even when my life depended on it. I use this in http.conf <Directory proxy:*> PerlAuthenHandler Apache::AuthAny AuthType Basic AuthName "Your Login..." AuthUserFile "/web/site/bogus_userfile.txt" require valid-user </Directory> Don't rember whether AuthUserFile is necessary, it may be just an artifact of some other experiments. AuthAny.pm is an amazingly complex (;-)) perl-module which has to be put into the right location, which is in Suse (7.0): /usr/lib/perl5/site_perl/5.005/i586-linux/Apache/AuthAny.pm package Apache::AuthAny; # file: Apache/AuthAny.pm use strict; use Apache::Constants qw(:common); sub handler { my $r = shift; my($res, $sent_pw) = $r->get_basic_auth_pw; return $res if $res != OK; my $user = $r->connection->user; unless($user and $sent_pw) { $r->note_basic_auth_failure; $r->log_reason("Both a username and password must be provided", $r->filename); return AUTH_REQUIRED; } return OK; } 1; __END__ One note: Does anybody feel inspired to write a python module for apache which hooks into zope's security mechanism and gives a possibility for simple authentication which is shared between zope and apache? For instance authenticate a user iff he is allowed to access a certain "dummy" object. That way one could easily manage access within zope to files/scripts which are not inside the ZODB. cheers, oliver