Hi Sascha. I realize that you can forward a port this way but this requires providing server accounts to users in addition to zope accounts. scponly is a product to remove other shell functionality - so you can hand out accounts in a more untrusted situation. Either way, handing out server accounts is not something I favor. I am looking for either for a proper zope solution or a way of using the apache proxy to accomplish this. David is right, I have also seen very little about securing webdav outside of ZServerSSL and m2crypto. Anyone happy with the results? I am not even certain if it works with 2.8. What about sftp? Anyone using Zope Corp's sftp package that can comment? I believe twisted is in the mix for Zope3 and sftp. Can anyone comment on this or whether this solution has some potential for Zope2. I think the Zope Corp idea was twisted obtaining the data on port and supplying the data to zope in the background. Regards, David On Saturday, September 24, 2005, at 08:39 AM, Sascha Ottolski wrote:
Am Samstag, 24. September 2005 01:08 schrieb David Bear:
I run zope in back of apache, and let apache handle tls/ssl.
In all the searching on zope.org <http://zope.org> though I haven't found any documents on how to let apache handle securing webdav for zope as well.
Anyone see/written such?
depending on your situation, a ssh tunnel might be feasible; works perfectly. small drawback is, you obviously have to open a ssh session first (ssh-agent is your friend).
Cheers, Sascha _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )